CVE-2026-42459
HighSummary
In versions prior to 4.2.2, the UDM component in free5GC fails to validate the supi path parameter in six GET handlers of the nudm-sdm service. An unauthenticated attacker can inject control characters into the SUPI parameter, causing UDM to forward a malformed request to UDR and return a 500 Internal Server Error response, exposing internal infrastructure details.
Risk Assessment
This vulnerability may lead to the exposure of sensitive information about the organization's infrastructure, increasing the risk of attacks on the system. An attacker could exploit this flaw to further compromise the system.
Recommendation
It is recommended to upgrade to version 4.2.2 or later to mitigate this vulnerability. Additionally, conducting a security audit to identify other potential vulnerabilities is advisable.
Original NVD description (English source)
free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, the free5GC UDM component fails to validate the supi path parameter in six GET handlers of the nudm-sdm (Subscriber Data Management) service. An unauthenticated attacker can inject control characters into the SUPI parameter, causing UDM to forward a malformed request to UDR and return a 500 Internal Server Error response that exposes internal infrastructure details. This vulnerability is fixed in 4.2.2.

