CVE-2025-15555— Open5GS VoLTE Cx-Test hss-cx-path.c hss_ogs_diam_cx_mar_cb stack-based overflow

CVSS 7.3 · High EPSS 0.05% · P15 Updated Apr 08, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2025-15555

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

Open5GS VoLTE Cx-Test hss-cx-path.c hss_ogs_diam_cx_mar_cb stack-based overflow

Source: NVD (National Vulnerability Database)

Vulnerability Description

A security flaw has been discovered in Open5GS up to 2.7.6. Affected by this vulnerability is the function hss_ogs_diam_cx_mar_cb of the file src/hss/hss-cx-path.c of the component VoLTE Cx-Test. The manipulation of the argument OGS_KEY_LEN results in stack-based buffer overflow. The attack may be launched remotely. The patch is identified as 54dda041211098730221d0ae20a2f9f9173e7a21. A patch should be applied to remediate this issue.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Source: NVD (National Vulnerability Database)

Vulnerability Type

栈缓冲区溢出

Source: NVD (National Vulnerability Database)

Vulnerability Title

Open5GS 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Open5GS是Open5GS开源的一个 5G Core 和 Epc 的 C 语言开源实现，即 Lte/Nr 网络的核心网络。 Open5GS 2.7.6及之前版本存在安全漏洞，该漏洞源于对文件src/hss/hss-cx-path.c中函数hss_ogs_diam_cx_mar_cb的参数OGS_KEY_LEN操作不当，可能导致基于栈的缓冲区溢出。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	Open5GS	2.7.0	`cpe:2.3:a:open5gs:open5gs::::::::`

II. Public POCs for CVE-2025-15555

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2025-15555

请登录查看更多情报信息。

https://nvd.nist.gov/vuln/detail/CVE-2025-15555

Same Patch Batch · n/a · 2026-02-04 · 12 CVEs total

CVE-2026-1896	6.3 MEDIUM	WeKan Migration Operation comprehensiveBoardMigration.js ComprehensiveBoardMigration Migra
CVE-2026-1895	6.3 MEDIUM	WeKan Attachment Storage lists.js applyWipLimit ListWIPBleed access control
CVE-2026-1894	6.3 MEDIUM	WeKan REST API checklistItems.js Checklist REST Bleed improper authorization
CVE-2026-1892	5.0 MEDIUM	WeKan REST API boards.js setBoardOrgs improper authorization
CVE-2026-1884	4.7 MEDIUM	ZenTao Webhook model.php fetchHook server-side request forgery
CVE-2025-69620		nTools Office Reader - PDF,Word,Excel 安全漏洞
CVE-2025-69621		Android Tools Comic Book Reader 安全漏洞
CVE-2025-69618		coto Tarot, Astro & Healing 安全漏洞
CVE-2025-70997		ELADMIN 安全漏洞
CVE-2025-70545		PPC 2K05X 安全漏洞
CVE-2025-71031		Melon 安全漏洞

IV. Related Vulnerabilities

Same product: Open5GS

Same vendor: n/a

Same weakness: CWE-121

V. Comments for CVE-2025-15555

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2025-15555— Open5GS VoLTE Cx-Test hss-cx-path.c hss_ogs_diam_cx_mar_cb stack-based overflow

I. Basic Information for CVE-2025-15555

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2025-15555

III. Intelligence Information for CVE-2025-15555

Same Patch Batch · n/a · 2026-02-04 · 12 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2025-15555

Leave a comment