PT-2026-45161 · Open5Gs · Open5Gs
Seungjoon Na
·
Published
2026-05-31
·
Updated
2026-05-31
·
CVE-2026-10157
CVSS v2.0
7.5
High
| Vector | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Open5GS versions prior to 2.7.7
Description
Improper authentication exists in the NGAP PathSwitchRequest Message Handler component within the
src/amf/ngap-handler.c file. This issue allows a remote attacker to bypass authentication mechanisms.Recommendations
Apply patch a188e36b1741ffc2252133f59b1bda4f14d3cb5c to resolve the issue.
Exploit
Fix
Improper Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Open5Gs