Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Multiple vulnerabilities in Open5GS
Vulnerability Description
An attacker could send an HTTP request to an Open5GS endpoint and retrieve the information stored on the device due to the lack of Authentication.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
Vulnerability Type
关键功能的认证机制缺失
Vulnerability Title
Open5GS 访问控制错误漏洞
Vulnerability Description
Open5GS是一个 5G Core 和 Epc 的 C 语言开源实现,即 Lte/Nr 网络的核心网络。 Open5GS 2.4.10及之前版本存在访问控制错误漏洞,该漏洞源于缺乏身份验证,导致攻击者可以向Open5GS端点发送HTTP请求,并检索存储在设备上的信息。
CVSS Information
N/A
Vulnerability Type
N/A