Remote Code Injection Vulnerability in free5GC Unified Data Management
CVE-2025-69251

6.6 MEDIUM

Key Information:

Vendor: Free5gc

Status
Vendor
CVE Published: 23 February 2026

What is CVE-2025-69251?

The Unified Data Management (UDM) component of free5GC, used in 5G mobile core networks, is susceptible to remote code injection. In versions up to and including 1.4.1, an attacker can inject control characters (e.g., %00) into the ueId parameter. This causes internal URL parsing errors that reveal sensitive system implementation details and may assist service fingerprinting attacks. Users of the UDM Nudm_UECM service are strongly advised to apply the fix available in pull request 76 on GitHub, as no immediate application-level workaround exists to mitigate this issue.
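The failure mode described above can be reproduced with Go's standard net/url package. The following is an added example, not free5GC code and not the change in pull request 76; the upstream base URL, the function names and the IMSI-only allow-list are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"net/url"
	"regexp"
)

// Hypothetical internal base URL, constructed for this example.
const upstreamBase = "http://udr.internal.example:8000/subscription-data/"

// Assumed allow-list: IMSI-style identifiers only. Widen it to the formats you serve.
var ueIDPattern = regexp.MustCompile(`^imsi-[0-9]{5,15}$`)

// naiveDetail builds the upstream URL from the decoded ueId and echoes the
// parser error to the client; the error text embeds the internal URL.
func naiveDetail(rawUeID string) string {
	ueID, _ := url.PathUnescape(rawUeID) // "%00" becomes a NUL byte
	if _, err := url.Parse(upstreamBase + ueID); err != nil {
		return err.Error()
	}
	return "ok"
}

// hardenedDetail validates the decoded ueId before any URL is built and
// answers with a fixed message that carries no implementation detail.
func hardenedDetail(rawUeID string) string {
	ueID, err := url.PathUnescape(rawUeID)
	if err != nil || !ueIDPattern.MatchString(ueID) {
		return "invalid ueId"
	}
	if _, err := url.Parse(upstreamBase + ueID); err != nil {
		return "internal error" // log err server-side, never return it
	}
	return "ok"
}

func main() {
	// Constructed sample inputs: one well-formed, one carrying an encoded NUL.
	for _, in := range []string{"imsi-208930000000001", "imsi-208930000000001%00"} {
		fmt.Printf("%-26q naive=%q hardened=%q\n", in, naiveDetail(in), hardenedDetail(in))
	}
}
```

In a real handler the rejected request would map to a 400 response with a generic problem body, with the original parser error written only to the server log.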

Affected Version(s)

udm <= 1.4.1

CVSS V4

Score: 6.6
Severity: MEDIUM
Confidentiality: High
Integrity: None
Availability: None
Attack Vector: Network
Attack Complexity: Low
Attack Required: None
Privileges Required: Undefined
User Interaction: None

Timeline

  • Vulnerability published

  • Vulnerability Reserved