Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.
6.6

Free5GC UDM exposes internal system details to remote attackers

CVE-2025-69251
Summary

Free5GC's Unified Data Management (UDM) service allows remote attackers to inject malicious characters into system inputs, potentially exposing internal details and aiding in identifying the system's configuration. This affects all versions up to 1.4.1. To fix the issue, update to the latest version of the UDM service, which is available through pull request 76. No immediate action can be taken without applying the patch, but it's highly recommended to do so as soon as possible.

What to do

No fix is available yet. Check with your software vendor for updates.

Affected software
VendorProductAffected versionsFix available
free5gc udm <= 1.4.1 –
Original title
free5gc UDM provides Unified Data Management (UDM) for free5GC, an open-source project for 5th generation (5G) mobile core networks. In versions up to and including 1.4.1, remote attackers can inje...
Original description
free5gc UDM provides Unified Data Management (UDM) for free5GC, an open-source project for 5th generation (5G) mobile core networks. In versions up to and including 1.4.1, remote attackers can inject control characters (e.g., %00) into the ueId parameter, triggering internal URL parsing errors (net/url: invalid control character). This exposes system implementation details and can aid in service fingerprinting. All deployments of free5GC using the UDM Nudm_UECM service may be affected. free5gc/udm pull request 76 contains a fix for the issue. No direct workaround is available at the application level. Applying the official patch is recommended.
nvd CVSS3.1 5.3
nvd CVSS4.0 6.6
Vulnerability type
CWE-20 Improper Input Validation
Published: 24 Feb 2026 · Updated: 12 Mar 2026 · First seen: 6 Mar 2026