CVE-2025-65562
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2025-65562
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
The free5GC UPF suffers from a lack of bounds checking on the SEID when processing PFCP Session Deletion Requests. An unauthenticated remote attacker can send a request with a very large SEID (e.g., 0xFFFFFFFFFFFFFFFF) that causes an integer conversion/underflow in LocalNode.DeleteSess() / LocalNode.Sess() when a uint64 SEID is converted to int and used in index arithmetic. This leads to a negative index into n.sess and a Go runtime panic, resulting in a denial of service (UPF crash). The issue has been reproduced on free5GC v4.1.0 with crashes observed in the session lookup/deletion path in internal/pfcp/node.go; other versions may also be affected. No authentication is required.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
free5GC 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
free5GC是free5GC开源的一个第 5 代 (5G) 移动核心网络的开源项目。 free5GC存在安全漏洞,该漏洞源于处理PFCP会话删除请求时缺乏边界检查,可能导致整数下溢和拒绝服务。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2025-65562
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2025-65562
请登录查看更多情报信息。
Same Patch Batch · n/a · 2025-12-18 · 23 CVEs total
| CVE-2025-65563 | UPF 安全漏洞 | |
| CVE-2025-63950 | twittodon 安全漏洞 | |
| CVE-2025-63948 | phpMsAdmin 安全漏洞 | |
| CVE-2025-63947 | phpMsAdmin 安全漏洞 | |
| CVE-2025-63951 | RPi-Jukebox-RFID 安全漏洞 | |
| CVE-2025-63949 | Hotel Management System 安全漏洞 | |
| CVE-2025-67163 | Simple Machines Forum 安全漏洞 | |
| CVE-2025-65566 | UPF 安全漏洞 | |
| CVE-2025-65568 | UPF 安全漏洞 | |
| CVE-2025-65567 | UPF 安全漏洞 | |
| CVE-2025-65564 | UPF 安全漏洞 | |
| CVE-2025-63757 | FFmpeg 安全漏洞 | |
| CVE-2025-65565 | UPF 安全漏洞 | |
| CVE-2025-65559 | Open5GS 安全漏洞 | |
| CVE-2025-65561 | free5GC 安全漏洞 | |
| CVE-2025-63387 | dify 安全漏洞 | |
| CVE-2025-56157 | dify 安全漏洞 | |
| CVE-2025-63386 | dify 安全漏洞 | |
| CVE-2025-63390 | AnythingLLM 安全漏洞 | |
| CVE-2025-63388 | dify 安全漏洞 |
Showing top 20 of 23 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
V. Comments for CVE-2025-65562
No comments yet