Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A request-validation issue was discovered in Open5GS 2.1.3 through 2.2.x before 2.2.1. The WebUI component allows an unauthenticated user to use a crafted HTTP API request to create, read, update, or delete entries in the subscriber database. For example, new administrative users can be added. The issue occurs because Express is not set up to require authentication.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Sukchan Lee open5gs 访问控制错误漏洞
Vulnerability Description
Sukchan Lee open5gs是 Sukchan Lee开源的一个应用软件。提供一系列实现4G,5G,NSA和5G,SA核心功能的软件组件和网络功能。 Sukchan Lee open5gs 2.1.3 到 2.2.0版本存在访问控制错误漏洞,该漏洞源于web组件允许未经身份验证的用户使用精心制作的HTTP API请求创建、读取、更新或删除订阅者数据库中的条目。
CVSS Information
N/A
Vulnerability Type
N/A