Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1336 CNY

100%

CVE-2026-56766— Hydra - Stack Buffer Overflow in NTLM Authentication Handler

CVSS 8.8 · High EPSS 0.47% · P38

Possible ATT&CK Techniques 1AI

T1190 · Exploit Public-Facing Application

Affected Version Matrix 2

VendorProductVersion RangeStatus
vanhauser-thcthc-hydra≤ 9.7affected
9cc84c20e75f5fef6bb1790bb9ada2afad2204e2unaffected
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2026-56766

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
Hydra - Stack Buffer Overflow in NTLM Authentication Handler
Source: NVD (National Vulnerability Database)
Vulnerability Description
Hydra through 9.7, fixed in commit 9cc84c2, contains a stack buffer overflow in NTLM authentication across SMTP, POP3, IMAP, NNTP, HTTP, HTTP-Proxy, and HTTP-Proxy-Urlenum modules when processing malicious NTLM Type-2 challenges. A malicious server can send a crafted NTLM Type-2 challenge with an excessively long domain string, causing base64-encoded response data to overflow a 500-byte stack buffer by 18 to 330 bytes, enabling remote code execution on systems without stack protection.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
栈缓冲区溢出
Source: NVD (National Vulnerability Database)
Vulnerability Title
vanhauser-thc thc-hydra 缓冲区错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
vanhauser-thc thc-hydra是vanhauser-thc个人开发者开源的一款网络认证破解工具。 vanhauser-thc thc-hydra 9.7及之前版本存在缓冲区错误漏洞,该漏洞源于处理恶意NTLM Type-2挑战时SMTP、POP3、IMAP、NNTP、HTTP、HTTP-Proxy和HTTP-Proxy-Urlenum模块中的NTLM身份验证存在栈缓冲区溢出,恶意服务器可通过发送包含超长域字符串的特制NTLM Type-2挑战,使base64编码响应数据溢出500字节的栈缓
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
vanhauser-thcthc-hydra 0 ~ 9.7 -

II. Public POCs for CVE-2026-56766

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2026-56766

登录查看更多情报信息。

Patches & Fixes for CVE-2026-56766 (1)

Vendor Advisories for CVE-2026-56766 (1)

IV. Related Vulnerabilities

V. Comments for CVE-2026-56766

No comments yet


Leave a comment