CVE-2026-40246

Published: Apr 17, 2026 Last Modified: Apr 17, 2026

ExploitDB:

Other exploit source:

Google Dorks:

HIGH 8,7

Source: [email protected]

Attack Vector: network

Attack Complexity: low

Privileges Required: none

User Interaction: none

Confidentiality: N/A

Integrity: N/A

Availability: N/A

Description

AI Translation Available

free5GC is an open-source implementation of the 5G core network. In versions 1.4.2 and below of the UDR service, the handler for deleting Traffic Influence Subscriptions checks whether the influenceId path segment equals subs-to-notify, but does not return after sending the HTTP 404 response when validation fails. Execution continues and the subscription is deleted regardless. An unauthenticated attacker with access to the 5G Service Based Interface can delete arbitrary Traffic Influence Subscriptions by supplying any value for the influenceId path segment, while the API misleadingly returns a 404 Not Found response. A patched version was not available at the time of publication.

285

Improper Authorization

Draft

Abstraction: Class Structure: Simple

Common Consequences

Security Scopes Affected:

Confidentiality Integrity Access Control

Potential Impacts:

Read Application Data Read Files Or Directories Modify Application Data Modify Files Or Directories Gain Privileges Or Assume Identity Execute Unauthorized Code Or Commands

Applicable Platforms

Technologies: Database Server, Not Technology-Specific, Web Server

Likelihood of Exploit: High

View CWE Details

https://github.com/free5gc/free5gc/security/advisories/GHSA…

https://github.com/free5gc/free5gc/security/advisories/GHSA-g9cw-qwhf-24jp

CVE-2026-40246

Description

Improper Authorization

Common Consequences

Applicable Platforms

Iscriviti alla newsletter