Zero Day Monitor (ZDM)
CVE-2026-55706 · PATCHED · CVSS 5.8
openbsd · openbsd

CVE-2026-55706: sppp_pap_input in sys/net/if_spppsubr.c in OpenBSD before 076e2b1 allows authentication bypass via certain zero values f

Description

The sppp_pap_input() function in OpenBSD's PPP PAP authentication handler allows attackers to bypass authentication by sending a PAP Auth-Request with zero-length name and password fields. The bcmp() function returns 0 for zero-length comparisons, enabling credentialless authentication. A secondary heap over-read vulnerability exists when name_len exceeds the allocated credential buffer size.
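
A simplified model of the credential check described above, added here as an example and not taken from OpenBSD's if_spppsubr.c or the fixing commit. The struct and function names (pap_cfg, pap_req, pap_parse, pap_check_flawed, pap_check_strict, pap_auth) are hypothetical, the field layout follows the PAP Authenticate-Request in RFC 1334, and memcmp() stands in for bcmp().

```c
#include <stdint.h>
#include <string.h>

/* Configured credentials; the values used with this model are constructed. */
struct pap_cfg { const char *name; const char *secret; };

/* Parsed data field: Peer-ID-Length, Peer-ID, Passwd-Length, Password. */
struct pap_req { const uint8_t *name, *passwd; size_t name_len, passwd_len; };

/* Bounds-checked parse; returns 0 on success, -1 if the field is truncated. */
int pap_parse(const uint8_t *p, size_t len, struct pap_req *r)
{
    if (len < 1) return -1;
    r->name_len = p[0];
    if (len < 1 + r->name_len + 1) return -1;
    r->name = p + 1;
    r->passwd_len = p[1 + r->name_len];
    if (len < 1 + r->name_len + 1 + r->passwd_len) return -1;
    r->passwd = p + 1 + r->name_len + 1;
    return 0;
}

/* Flawed pattern: the peer's length octets drive the comparison. With both
 * lengths 0 each memcmp() returns 0 (as bcmp() does), so the request is
 * accepted; a length above the stored size would read past the stored buffer. */
int pap_check_flawed(const struct pap_cfg *c, const struct pap_req *r)
{
    return memcmp(r->name, c->name, r->name_len) == 0 &&
           memcmp(r->passwd, c->secret, r->passwd_len) == 0;
}

/* Hardened pattern: lengths must equal the stored lengths before any bytes
 * are compared, which keeps reads in bounds and rejects empty fields
 * whenever credentials are configured. */
int pap_check_strict(const struct pap_cfg *c, const struct pap_req *r)
{
    size_t nlen = strlen(c->name), slen = strlen(c->secret);
    if (r->name_len != nlen || r->passwd_len != slen) return 0;
    return memcmp(r->name, c->name, nlen) == 0 &&
           memcmp(r->passwd, c->secret, slen) == 0;
}

/* Parse and check one data field; strict selects the hardened check. */
int pap_auth(const struct pap_cfg *c, const uint8_t *p, size_t len, int strict)
{
    struct pap_req r;
    if (pap_parse(p, len, &r) != 0) return 0;
    return strict ? pap_check_strict(c, &r) : pap_check_flawed(c, &r);
}
```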

Affected Products

Vendor | Product | Versions
openbsd | openbsd | 0

References

  • https://blog.argus-systems.ai/blog/openbsd-pap-27-year-auth-bypass.html
  • https://www.openwall.com/lists/oss-security/2026/06/16/9
  • https://github.com/openbsd/src/commit/076e2b1c1fc4ac0883a72d3544131ad5cee7adf8

Related News (3 articles)

Tier C · VulDB · 1h ago
CVE-2026-55706 | OpenBSD sys/net/if_spppsubr.c sppp_pap_input improper validation of specified quantity in input
→ No new info (linked only)

Tier C · oss-security · 9h ago
OpenBSD sppp_pap_input: PAP authentication bypass
→ No new info (linked only)

Tier B · BSI Advisories · 70d ago
[NEW] [medium] OpenBSD: Vulnerability allows unspecified attack
→ No new info (linked only)

CVSS 3.1: 5.8 MEDIUM
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L
CISA KEV: ❌ No
Actively exploited: ❌ No
Patch available: 076e2b1c1fc4ac0883a72d3544131ad5cee7adf8
CWE: CWE-1284, CWE-20, CWE-119
Published: Jun 17, 2026
Last enriched: 1h ago (v2)
Tags: remote attack, unspecified vulnerability, improper validation, authentication bypass, pppoe, openbsd
Trending Score: 36
Source articles: 4
Independent: 3
Info Completeness: 9/14
Missing: epss, kev, exploit, iocs, mitre_attack

Related CVEs (5)

HIGH · PRE-CVE
OpenBSD sppp_pap_input PAP Authentication Bypass Vulnerability
Trending: 26

HIGH · CVE-2026-35385
CVE-2026-35385: In OpenSSH before 10.3, a file downloaded by scp may be installed setuid or setgid, an outcome contrary to some users' e
Trending: 6

LOW · CVE-2026-35388
CVE-2026-35388: OpenSSH before 10.3 omits connection multiplexing confirmation for proxy-mode multiplexing sessions.
Trending: 4

LOW · CVE-2026-35386 · EXP
CVE-2026-35386: In OpenSSH before 10.3, command execution can occur via shell metacharacters in a username within a command line. This r
Trending: 3

MEDIUM · CVE-2026-35414 · EXP
CVE-2026-35414: OpenSSH before 10.3 mishandles the authorized_keys principals option in uncommon scenarios involving a principals list i
Trending: 3

Verification

State: unverified
Confidence: 0%

Vulnerability Timeline

CVE Published: Jun 17, 2026
Exploit Available: Jun 17, 2026
Patch Available: Jun 17, 2026
Discovered by ZDM: Jun 17, 2026
Updated (description, tags): Jun 17, 2026

Version History

v2 · Tier C · 1h ago (last enriched 1h ago)

Updated description with more technical detail, marked exploit availability as false, and added new tag 'improper validation'.

Changed fields: description, tags
via VulDB

v1 · 3h ago

Initial creation