vulnerability
FreeBSD: VID-f55921aa-10c9-11ec-8647-00e0670f2660: MPD5 PPPoE Server remotely exploitable crash
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:N/I:N/A:C) | Sep 9, 2021 | Nov 4, 2022 | Dec 10, 2025 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published
Sep 9, 2021
Added
Nov 4, 2022
Modified
Dec 10, 2025
Description
Version 5.9_2 contains security fix for PPPoE servers. Insufficient validation of incoming PPPoE Discovery request specially crafted by unauthenticated user might lead to unexpected termination of the process. The problem affects mpd versions since 5.0. Installations not using PPPoE server configuration were not affected.
Solution
freebsd-upgrade-package-mpd5
References
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.