diff --git a/src/network/kernel/qauthenticator.cpp.orig b/src/network/kernel/qauthenticator.cpp
index 1b8bc76..596c9a0 100644
--- a/src/network/kernel/qauthenticator.cpp.orig
+++ b/src/network/kernel/qauthenticator.cpp
@@ -1224,14 +1224,24 @@ static QByteArray qStringAsUcs2Le(const QString& src)
 }
 
 
-static QString qStringFromUcs2Le(QByteArray src)
+static QString qStringFromUcs2LeTargetName(QByteArray src)
 {
     Q_ASSERT(src.size() % 2 == 0);
     unsigned short *d = (unsigned short*)src.data();
+    unsigned int size = 0;
     for (int i = 0; i < src.size() / 2; ++i) {
+        // Some servers (like WinGate) can leave the null terminator at the end of the Target Name,
+        // but they probably won't accept that when it's sent back in the challenge response.
+        // The null terminator must not be included in the Unicode string
+        // (https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-dtyp/94a16bb6-c610-4cb9-8db6-26f15f560061),
+        // but we can handle that by truncating the string at the null terminator.
+        if (d[i] == 0) {
+            break;
+        }
+        ++size;
         d[i] = qFromLittleEndian(d[i]);
     }
-    return QString((const QChar *)src.data(), src.size()/2);
+    return QString((const QChar *)src.data(), size);
 }
 
 
@@ -1487,7 +1497,7 @@ static bool qNtlmDecodePhase2(const QByteArray& data, QNtlmPhase2Block& ch)
         if (qsizetype(ch.targetName.len + ch.targetName.offset) > data.size())
             return false;
 
-        ch.targetNameStr = qStringFromUcs2Le(data.mid(ch.targetName.offset, ch.targetName.len));
+        ch.targetNameStr = qStringFromUcs2LeTargetName(data.mid(ch.targetName.offset, ch.targetName.len));
     }
 
     if (ch.targetInfo.len > 0) {