CVE-2026-34762

Name of the Vulnerable Software and Affected Versions Ella Core versions prior to 1.8.0

Description The PUT /api/v1/subscriber/{imsi} API endpoint accepts an IMSI identifier from both the URL path and the JSON request body without verifying they match. This allows an authenticated NetworkManager to modify any subscriber's policy while the audit trail records a fabricated or unrelated subscriber IMSI. An attacker can modify a subscriber's Quality of Service (QoS) policy, potentially degrading service or altering traffic routing, while the audit log attributes the change to a non-existent or unrelated subscriber.

Recommendations Update to version 1.8.0 or later.