Vulnerability Description
A flaw has been found in Open5GS up to 2.7.7. The affected element is the function nssf_nnrf_nsselection_handle_get_from_amf_or_vnssf of the file /src/nssf/nnssf-handler.c of the component NSSF. Executing a manipulation can lead to denial of service. The attack can be executed remotely. The exploit has been published and may be used. The project was informed of the problem early through an issue report but has not responded yet.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Open5Gs | Open5Gs | <= 2.7.7 |
Related Weaknesses (CWE)
References
- https://github.com/open5gs/open5gs/Product
- https://github.com/open5gs/open5gs/issues/4432ExploitIssue Tracking
- https://vuldb.com/submit/808421Third Party AdvisoryVDB EntryExploit
- https://vuldb.com/vuln/361907Third Party AdvisoryVDB Entry
- https://vuldb.com/vuln/361907/ctiPermissions RequiredVDB Entry
- https://vuldb.com/submit/808421Third Party AdvisoryVDB EntryExploit
FAQ
What is CVE-2026-8120?
CVE-2026-8120 is a vulnerability with a CVSS score of 4.3 (MEDIUM). A flaw has been found in Open5GS up to 2.7.7. The affected element is the function nssf_nnrf_nsselection_handle_get_from_amf_or_vnssf of the file /src/nssf/nnssf-handler.c of the component NSSF. Execu...
How severe is CVE-2026-8120?
CVE-2026-8120 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2026-8120?
Check the references section above for vendor advisories and patch information. Affected products include: Open5Gs Open5Gs.