CVE-2026-8187
HIGH WAF: Medium
CVSS 7.5
Published: 2026-05-09
CWE-400
A flaw has been found in Open5GS up to 2.7.7. This impacts the function _gtpv1_u_recv_cb of the file src/upf/gtp-path.c of the component UPF. Executing a manipulation can lead to resource consumption. The attack may be performed from remote. The project was informed of the problem early through an issue report but has not responded yet.
WAF Coverage Analysis
Uncontrolled Resource Consumption
Medium WAF Coverage
OWASP: A05:2021 Security Misconfiguration
912xxx - DOS Protection
Affected Software
| Vendor | Product | Version |
|---|---|---|
| open5gs | open5gs | up to 2.7.7 |
References
- github.com (Product)
- github.com (Exploit, Issue Tracking)
- vuldb.com (Third Party Advisory, VDB Entry)
- vuldb.com (Third Party Advisory, VDB Entry)
- vuldb.com (Permissions Required, VDB Entry)