Perceptive Security
SOC/SIEM Consultancy
free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's SMF mounts the UPI management route group without inbound OAuth2 midd…
Published:
26 May 2026 at 22:00:00
Alert date:
27 May 2026 at 18:07:10
Source:
nvd.nist.gov
Network Infrastructure, Critical Infrastructure, Mobile & IoT
CVE-2026-44321 affects free5GC, an open-source 5G core network implementation. Prior to version 4.2.2, the SMF component mounts the UPI management route group without OAuth2 middleware protection. An unauthenticated attacker can send a POST request to /upi/v1/upNodesLinks with malicious JSON that triggers validation failures in UpNodesFromConfiguration(). One attack path involves creating UPF pools that overlap with existing pools, causing the entire SMF process to terminate with exit code 1. This vulnerability allows for denial of service attacks against 5G network infrastructure through a single unauthenticated request. The issue has been fixed in version 4.2.2.
Technical details
Mitigation steps:
Affected products:
free5GC
Related links:
https://nvd.nist.gov/vuln/detail/CVE-2026-44321
https://github.com/free5gc/free5gc/issues/906
https://github.com/free5gc/free5gc/security/advisories/GHSA-44qj-cghf-9p97
https://github.com/free5gc/smf/commit/e0974e07ddab44a67d36a563cca383b2449e33e5
https://github.com/free5gc/smf/pull/203
Related CVE's:
Related threat actors:
IOC's:
This article was created with the assistance of AI technology by Perceptive.