CVE-2026-1738

Sažetak

A flaw has been found in Open5GS up to 2.7.6. The impacted element is the function sgwc_tunnel_add of the file /src/sgwc/context.c of the component SGWC. Executing a manipulation of the argument pdr can lead to reachable assertion. The attack can be executed remotely. The exploit has been published and may be used. It is advisable to implement a patch to correct this issue. The issue report is flagged as already-fixed.

Reference

https://github.com/open5gs/open5gs/
https://github.com/open5gs/open5gs/issues/4261
https://github.com/open5gs/open5gs/issues/4261#event-21968563677
https://github.com/open5gs/open5gs/issues/4261#issue-3787803578
https://vuldb.com/?ctiid.343637
https://vuldb.com/?id.343637
https://vuldb.com/?submit.741193

CVSS

Base:	5.0
Impact:	2.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:N/I:N/A:P

Zadnje važnije ažuriranje

03-02-2026 - 16:44

Objavljeno

02-02-2026 - 02:16