Severity: HIGH · CVE-2026-44325 · CNA: GitHub_M

CVE-2026-44325: free5GC: NRF POST /oauth2/token structured-form parser type-confusion panic family (Reflect.Set on incompatible types)

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NRF root SBI endpoint POST /oauth2/token contains a parser-level type-confusion bug family. The handler in NFs/nrf/internal/sbi/api_accesstoken.go reflects over models.NrfAccessTokenAccessTokenReq, special-cases only plain string and NrfNfManagementNfType fields, and treats every other field as if it were a single models.PlmnId. The parsed *models.PlmnId is then assigned with reflect.Value.Set() to whichever field name the attacker put in the form body, which panics whenever the destination field's real type is incompatible (slice, different struct, primitive). Gin's recovery middleware converts each panic into an HTTP 500, but the endpoint can still be panicked remotely by a single unauthenticated form-encoded request, and the trigger is repeatable. This vulnerability is fixed in 4.2.2.

HarborGuard Analysis

Synopsis

A type-confusion bug in free5GC's NRF token endpoint allows a remote, unauthenticated attacker to panic the NRF service with a single crafted HTTP request. The parser in POST /oauth2/token uses Go reflection to assign form fields to struct members without checking type compatibility, causing a panic when the destination field type is a slice, a different struct, or a primitive. Gin recovery catches each panic and returns HTTP 500, but the endpoint remains indefinitely triggerable, making sustained denial of service straightforward. HarborGuard is tracking this advisory; no upstream fix version has been published yet.
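The reflection pattern described in the advisory description and the synopsis above, reproduced here as an added example (not free5GC's own code, and the struct is a simplified stand-in for models.NrfAccessTokenAccessTokenReq with hypothetical field names): assigning a *PlmnId into whatever field the request names panics when the field is a slice or a primitive, and a pre-assignment reflect.Type.AssignableTo check turns that into a rejected request instead.

```go
package main

import (
	"fmt"
	"reflect"
	"strings"
)

// Simplified stand-ins (not free5GC's real models) for the types the
// vulnerable handler reflects over; field names are hypothetical.
type PlmnId struct{ Mcc, Mnc string }

type AccessTokenReq struct {
	GrantType         string
	NfType            string
	TargetPlmn        *PlmnId  // compatible with a parsed *PlmnId
	RequesterPlmnList []PlmnId // slice: reflect.Set of *PlmnId panics
	Expires           int32    // primitive: reflect.Set of *PlmnId panics
}

// parsePlmn stands in for the handler's "everything else is a PlmnId" branch.
func parsePlmn(raw string) *PlmnId {
	mcc, mnc, _ := strings.Cut(raw, ",")
	return &PlmnId{Mcc: mcc, Mnc: mnc}
}

// assignField mirrors the vulnerable logic: look the field up by the
// request-controlled name and reflect.Set a *PlmnId into it. The deferred
// recover emulates gin's Recovery middleware (panic becomes an error / 500).
// With checkTypes=true the mismatch is caught first and reported as a 400.
func assignField(req *AccessTokenReq, name, raw string, checkTypes bool) (err error) {
	defer func() {
		if r := recover(); r != nil {
			err = fmt.Errorf("panic (would be HTTP 500): %v", r)
		}
	}()
	f := reflect.ValueOf(req).Elem().FieldByName(name)
	if !f.IsValid() {
		return fmt.Errorf("unknown field %q", name)
	}
	if f.Kind() == reflect.String { // the handler's plain-string special case
		f.SetString(raw)
		return nil
	}
	v := reflect.ValueOf(parsePlmn(raw))
	if checkTypes && !v.Type().AssignableTo(f.Type()) {
		return fmt.Errorf("field %q is %s, not %s (would be HTTP 400)", name, f.Type(), v.Type())
	}
	f.Set(v) // panics when *PlmnId is not assignable to the field's type
	return nil
}
```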

HarborGuard Coverage

Detection: Available

Detection for CVE-2026-44325 is available across every HarborGuard environment: the CVE is ingested from upstream advisory feeds within minutes of publication and matched against all customer images, including custom-built images that bundle free5GC NRF components.

Triage: Available

Triage is available using the CVSS v3.1 score of 7.5 (HIGH), weighted against each customer org's compliance policy to determine urgency tier and route the finding to the appropriate team inbox.

Patch: Pending upstream

Because no fix version has been published upstream, HarborGuard re-evaluates this advisory on every ingest cycle and will make a patched-image rebuild available automatically the moment a fix is released. In the interim, compensating-control guidance (network-policy isolation, egress filtering) is surfaced alongside the finding for customers who opt into advisory recommendations.

Exploit Conditions

  • Network reachability: Required

    The vulnerable endpoint is exposed over the network; an attacker must be able to send HTTP POST requests to the NRF SBI interface to trigger the panic.

  • Authentication: Not required

    No credentials or session token are needed; the /oauth2/token endpoint accepts unauthenticated form-encoded requests, which is the vector the attacker exploits.

  • Victim interaction: Not required

    Exploitation is entirely server-side; no user action or interaction from an operator or subscriber is required.

  • Attack complexity: Low

    Exploit conditions are reliable and free of environmental dependencies: a single crafted form-encoded POST request is sufficient to trigger the panic, and the attack is unconditionally repeatable.

Blast Radius

  • The NRF request handler panics (recovered by Gin as HTTP 500) on every malformed request, making the Network Repository Function unavailable to all NFs that depend on it for service discovery and OAuth2 token issuance.
  • Because the panic is remotely and repeatedly triggerable, an attacker can sustain a denial-of-service condition without any rate limit imposed by authentication or complexity barriers.
  • Downstream 5G core network functions (AMF, SMF, UPF, etc.) that register with or query the NRF lose the ability to discover peer services, which can cascade into a full core-network outage.
  • No confidential data is read and no stored data is modified; impact is limited to availability.

How HarborGuard Handles This

Available on HarborGuard: scanning for CVE-2026-44325 is active and matches any image that contains an affected version of free5GC (prior to 4.2.2) as soon as the image is pushed or on the next scheduled scan cycle. Because no upstream fix exists yet, HarborGuard monitors the advisory on every ingest cycle and will surface a patched-image rebuild automatically once version 4.2.2 or a subsequent fix is published upstream. For customers who opt into auto-remediation, the rebuild, regression-test run, and PR against affected workloads will be triggered without manual intervention at that point. While no fix is available, customers are encouraged to apply compensating controls: restrict network access to the NRF SBI interface using Kubernetes NetworkPolicy or an equivalent network-layer filter so that only authorized NFs can reach POST /oauth2/token, and consider placing the NRF behind an API gateway that enforces strict content-type and field-name allowlisting to reduce the attack surface.


Metrics

  • CVSS v3.1: 7.5
  • Severity: HIGH
  • Fixed in:
  • Affected products: 1
  • Affected packages: free5gc / free5gc < 4.2.2
  • CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H