CVE-2025-15417

LOW 3.3

Open5GS GTPv2-C F-TEID s11-handler.c sgwc_s11_handle_create_session_request denial of service

CVSS Score

3.3

EPSS Score

0.0%

EPSS Percentile

0th

A vulnerability was identified in Open5GS up to 2.7.6. Affected is the function sgwc_s11_handle_create_session_request of the file src/sgwc/s11-handler.c of the component GTPv2-C F-TEID Handler. Such manipulation leads to denial of service. The attack must be carried out locally. The exploit is publicly available and might be used. The name of the patch is 465273d13ba5d47b274c38c9d1b07f04859178a1. A patch should be applied to remediate this issue.

CWE	CWE-404
Vendor	n/a
Product	open5gs
Published	Jan 1, 2026
Last Updated	Feb 23, 2026

Stay Ahead of the Next One

Get instant alerts for n/a open5gs

Be the first to know when new low vulnerabilities affecting n/a open5gs are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

Affected Versions

n/a / Open5GS

2.7.0 2.7.1 2.7.2 2.7.3 2.7.4 2.7.5 2.7.6

References

NVD ↗ CVE.org ↗ EPSS Data ↗

vuldb.com: https://vuldb.com/?id.339339 vuldb.com: https://vuldb.com/?ctiid.339339 vuldb.com: https://vuldb.com/?submit.727616 github.com: https://github.com/open5gs/open5gs/issues/4203 github.com: https://github.com/open5gs/open5gs/issues/4203#issuecomment-3681643498 github.com: https://github.com/open5gs/open5gs/issues/4203#issue-3719257558 github.com: https://github.com/open5gs/open5gs/commit/465273d13ba5d47b274c38c9d1b07f04859178a1 github.com: https://github.com/open5gs/open5gs/

Credits

🔍 ZiyuLin (VulDB User)