Severity by source
CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
4DescriptionCVE.org
A vulnerability was found in Dotouch XproUPF 2.0.0-release-088aa7c4. This impacts the function vlib_worker_loop in the library /usr/xpro/upf/tools/libs/libvlib.so of the component UPF Process. The manipulation results in denial of service. The vendor was contacted early about this disclosure.
AnalysisAI
Denial of service in Dotouch XproUPF 2.0.0 through manipulation of the vlib_worker_loop function in libvlib.so allows local authenticated attackers to crash the UPF process. The vulnerability has CVSS 5.1 (AV:A/AC:L/PR:L) and targets availability rather than confidentiality or integrity. No public exploit code or active exploitation has been confirmed; the vendor was notified early during responsible disclosure.
Technical ContextAI
The vulnerability exists in libvlib.so, a core library component of the Dotouch XproUPF packet processing framework. The vlib_worker_loop function is part of the UPF Process component, which handles user plane forwarding logic in 5G/LTE infrastructure. The flaw is classified as CWE-404 (Improper Resource Validation), suggesting the function fails to properly validate or handle resources (memory, file descriptors, or processing state) during worker thread execution. When this validation is bypassed through crafted manipulation, the worker loop enters an invalid state leading to process termination. The attack surface is limited to local access (AV:A) and requires low privilege authenticated sessions (PR:L), constraining exploitation to internal network threats or compromised non-admin accounts.
RemediationAI
Contact Dotouch for an updated version of libvlib.so or XproUPF package that addresses CWE-404 resource validation in vlib_worker_loop. At minimum, apply vendor-released patches when available. If a patched version is not immediately available, implement compensating controls: (1) restrict local network access to XproUPF administrative interfaces using firewall rules or VLANs to limit who can reach the UPF from adjacent networks; (2) enforce strong authentication and audit logging for all local sessions to the UPF to detect suspicious access; (3) deploy process monitoring and automatic restart mechanisms (systemd watchdog, supervisor, or Kubernetes liveness probes) to minimize DoS impact if the vlib_worker_loop process crashes; (4) isolate development/test XproUPF instances from production traffic to reduce blast radius. Trade-off: network isolation may impact operational visibility or management access - coordinate with network operations. Monitor VulDB record 362449 and vendor advisories for patch availability.
Same weakness CWE-404 – Improper Resource Shutdown or Release
View allSame technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-28983
GHSA-637x-347r-m83j