📄 strongSwan 4.5.0 EAP-TTLS Integer Underflow

This Metasploit auxiliary module is designed to detect a vulnerability in strongSwan's EAP-TTLS implementation, identified as CVE-2026-25075. The issue is related to an integer underflow in the handling of AVP Attribute-Value Pair length fields during IKE-related UDP communication...

SUSE CVE-2026-25075

strongSwan versions 4.5.0 prior to 6.0.5 contain an integer underflow vulnerability in the EAP-TTLS AVP parser that allows unauthenticated remote attackers to cause a denial of service by sending crafted AVP data with invalid length fields during IKEv2 authentication. Attackers can exploit the...