CVE-2025-15176

EUVD-2025-205559

29.12.2025, 07:15

A flaw has been found in Open5GS up to 2.7.5. This affects the function decode_ipv6_header/ogs_pfcp_pdr_rule_find_by_packet of the file lib/pfcp/rule-match.c of the component PFCP Session Establishment Request Handler. Executing a manipulation can lead to reachable assertion. It is possible to launch the attack remotely. The exploit has been published and may be used. This patch is called b72d8349980076e2c033c8324f07747a86eea4f8. Applying a patch is advised to resolve this issue.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	5.3 MEDIUM	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Base Score

CVSS 3.x

EPSS Score

Percentile: Unknown

Affected Products (NVD)

Vendor	Product	Version
open5gs	open5gs	𝑥 ≤ 2.7.5

𝑥

= Vulnerable software versions

Known Exploits!

Common Weakness Enumeration

CWE-617 - Reachable Assertion
The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.

References

https://github.com/open5gs/open5gs/

https://github.com/open5gs/open5gs/commit/b72d8349980076e2c033c8324f07747a86eea4f8

https://github.com/open5gs/open5gs/issues/4180

https://github.com/open5gs/open5gs/issues/4180#issue-3666760066

https://github.com/open5gs/open5gs/issues/4180#issuecomment-3615555671

https://vuldb.com/?ctiid.338561

https://vuldb.com/?id.338561

https://vuldb.com/?submit.719830