PT-2026-3041 · Unknown · Absolutetelnet

Yehia Elghaly

Publicado

2026-01-15

Atualizado

2026-01-21

CVE-2021-47765

CVSS v3.1

5.5

Média

Vetor

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions AbsoluteTelnet version 11.24

Description AbsoluteTelnet version 11.24 contains a denial of service issue that allows local attackers to crash the application. This is achieved by manipulating the username and error report fields. Specifically, inserting 1000 characters into the username or email address fields causes the application to become unresponsive. The vulnerable fields are used during application operation.

Recommendations Update to a newer version that contains a fix for this vulnerability. As a temporary workaround, limit the number of characters allowed in the username and email address fields.

Exploit

Correção

DoS

Memory Corruption

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-787

Identificadores relacionados

CVE-2021-47765

Produtos afetados

Absolutetelnet

PT-2026-3041 · Unknown · Absolutetelnet

CVE-2021-47765

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6