Description
A vulnerability has been found in Open5GS up to 2.7.7. Affected is the function ogs_sbi_client_add in the library /lib/sbi/client.c of the component NRF. The manipulation of the argument client_pool leads to denial of service. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The project was informed of the problem early through an issue report but has not responded yet.
Published: 2026-05-17
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A flaw in the library /lib/sbi/client.c of the NRF component in Open5GS 2.7.7 or earlier allows an attacker to manipulate the client_pool argument to the ogs_sbi_client_add function, causing a crash that results in a denial of service. The vulnerability is classified as CWE-404 due to a missing error handling routine that fails to validate the supplied input. If exploited, the affected service would become unavailable to legitimate users, potentially disrupting network services that rely on the NRF.

Affected Systems

Open5GS deployments built with versions up through 2.7.7 are affected. The flaw resides in the NRF module, specifically in the ogs_sbi_client_add routine within the client library. The flaw is not tied to a specific operating system or platform, so any host running the vulnerable Open5GS release is a potential target.

Risk and Exploitability

The CVSS score of 5.3 indicates moderate severity. No EPSS score is available, but the vulnerability has been disclosed publicly and is not listed in the CISA KEV database. The description confirms that exploitation can originate remotely, implying that an attacker needs network connectivity to the NRF service. While the flaw is not highly urgent, the lack of immediate patch availability means the denial of service risk remains until a fix is released. In the absence of a patch, mitigate the vulnerability by restricting remote access to the NRF service and monitoring for anomalous traffic.

Generated by OpenCVE AI on May 17, 2026 at 05:20 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update to the latest Open5GS release that resolves the client_pool validation flaw.
  • If an update is unavailable, isolate the Open5GS instance behind a firewall and deny all but trusted IP ranges from accessing the NRF service.
  • Apply temporary workload-level hotfixes such as disabling or limiting client_pool usage in configuration if the Open5GS documentation permits; otherwise consider patching the source according to the vendor’s security advisory once it is released.


Advisories

No advisories yet.

History

Sun, 17 May 2026 04:45:00 +0000

Values Added (the Values Removed column is empty for every row):

  • Description: A vulnerability has been found in Open5GS up to 2.7.7. Affected is the function ogs_sbi_client_add in the library /lib/sbi/client.c of the component NRF. The manipulation of the argument client_pool leads to denial of service. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The project was informed of the problem early through an issue report but has not responded yet.
  • Title: Open5GS NRF client.c ogs_sbi_client_add denial of service
  • First Time appeared: Open5gs; Open5gs open5gs
  • Weaknesses: CWE-404
  • CPEs: cpe:2.3:a:open5gs:open5gs:*:*:*:*:*:*:*:*
  • Vendors & Products: Open5gs; Open5gs open5gs
  • References:
  • Metrics:
      cvssV2_0: {'score': 4, 'vector': 'AV:N/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:ND/RC:UR'}
      cvssV3_0: {'score': 4.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R'}
      cvssV3_1: {'score': 4.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R'}
      cvssV4_0: {'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P'}


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-05-17T04:15:09.207Z

Reserved: 2026-05-16T10:09:23.831Z

Link: CVE-2026-8731

Vulnrichment

No data.

NVD

Status: Received

Published: 2026-05-17T05:16:16.747

Modified: 2026-05-17T05:16:16.747

Link: CVE-2026-8731

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-17T05:30:06Z

Weaknesses