CVE-2025-15176

A flaw has been found in Open5GS up to 2.7.5. This affects the function decode_ipv6_header/ogs_pfcp_pdr_rule_find_by_packet of the file lib/pfcp/rule-match.c of the component PFCP Session Establishment Request Handler. Executing manipulation can lead to reachable assertion. It is possible to launch the attack remotely. The exploit has been published and may be used. This patch is called b72d8349980076e2c033c8324f07747a86eea4f8. Applying a patch is advised to resolve this issue.

CVSS v3 5.3 MEDIUM
CVSS v2.0 5.0 MEDIUM

5.3^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact LOW

Scope UNCHANGED

5.0^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
https://github.com/open5gs/open5gs/commit/b72d8349980076e2c033c8324f07747a86eea4f8	Patch
https://github.com/open5gs/open5gs/issues/4180	Exploit Issue Tracking
https://github.com/open5gs/open5gs/issues/4180#issue-3666760066	Exploit Issue Tracking
https://github.com/open5gs/open5gs/issues/4180#issuecomment-3615555671	Exploit Issue Tracking
https://vuldb.com/?ctiid.338561	Permissions Required VDB Entry
https://vuldb.com/?id.338561	Third Party Advisory VDB Entry
https://vuldb.com/?submit.719830	Exploit Third Party Advisory VDB Entry

Configurations

Configuration 1 (hide)

cpe:2.3:a:open5gs:open5gs:*:*:*:*:*:*:*:*

History

31 Dec 2025, 20:57

Type	Values Removed	Values Added
CPE		cpe:2.3:a:open5gs:open5gs::::::::
First Time		Open5gs open5gs Open5gs
References	~~() https://github.com/open5gs/open5gs/commit/b72d8349980076e2c033c8324f07747a86eea4f8 -~~	() https://github.com/open5gs/open5gs/commit/b72d8349980076e2c033c8324f07747a86eea4f8 - Patch
References	~~() https://github.com/open5gs/open5gs/issues/4180 -~~	() https://github.com/open5gs/open5gs/issues/4180 - Exploit, Issue Tracking
References	~~() https://github.com/open5gs/open5gs/issues/4180#issue-3666760066 -~~	() https://github.com/open5gs/open5gs/issues/4180#issue-3666760066 - Exploit, Issue Tracking
References	~~() https://github.com/open5gs/open5gs/issues/4180#issuecomment-3615555671 -~~	() https://github.com/open5gs/open5gs/issues/4180#issuecomment-3615555671 - Exploit, Issue Tracking
References	~~() https://vuldb.com/?ctiid.338561 -~~	() https://vuldb.com/?ctiid.338561 - Permissions Required, VDB Entry
References	~~() https://vuldb.com/?id.338561 -~~	() https://vuldb.com/?id.338561 - Third Party Advisory, VDB Entry
References	~~() https://vuldb.com/?submit.719830 -~~	() https://vuldb.com/?submit.719830 - Exploit, Third Party Advisory, VDB Entry

29 Dec 2025, 07:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-12-29 07:15

Updated : 2025-12-31 20:57

NVD link : CVE-2025-15176

Mitre link : CVE-2025-15176

CVE.ORG link : CVE-2025-15176

JSON object : View

Products Affected

open5gs

open5gs

CWE

CWE-617

Reachable Assertion

5.3 /10

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact LOW

Scope UNCHANGED

5.0 /10

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

JSON object

Attach tags to CVE-2025-15176

5.3^/10

5.0^/10

Attach tags to `CVE-2025-15176`