Vulnerability Description
A flaw has been found in Open5GS up to 2.7.7. This impacts the function _gtpv1_u_recv_cb of the file src/upf/gtp-path.c of the component UPF. Executing a manipulation can lead to resource consumption. The attack may be performed from remote. The project was informed of the problem early through an issue report but has not responded yet.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Open5Gs | Open5Gs | <= 2.7.7 |
Related Weaknesses (CWE)
References
- https://github.com/open5gs/open5gs/Product
- https://github.com/open5gs/open5gs/issues/4492ExploitIssue Tracking
- https://vuldb.com/submit/800025Third Party AdvisoryVDB Entry
- https://vuldb.com/vuln/362339Third Party AdvisoryVDB Entry
- https://vuldb.com/vuln/362339/ctiPermissions RequiredVDB Entry
- https://github.com/open5gs/open5gs/issues/4492ExploitIssue Tracking
FAQ
What is CVE-2026-8187?
CVE-2026-8187 is a vulnerability with a CVSS score of 5.3 (MEDIUM). A flaw has been found in Open5GS up to 2.7.7. This impacts the function _gtpv1_u_recv_cb of the file src/upf/gtp-path.c of the component UPF. Executing a manipulation can lead to resource consumption....
How severe is CVE-2026-8187?
CVE-2026-8187 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2026-8187?
Check the references section above for vendor advisories and patch information. Affected products include: Open5Gs Open5Gs.