PT-2026-6832 · Unknown · Absolutetelnet

Chuyreds

Publicado

2026-02-06

Atualizado

2026-02-19

CVE-2020-37166

CVSS v3.1

6.2

Média

Vetor

AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions AbsoluteTelnet version 11.12

Description The software contains a denial of service issue in the SSH2 username input field. Local attackers can cause the application to crash by overwriting the username field with a 1000-byte buffer, leading to unresponsiveness and termination. The affected API endpoint is related to SSH2 username input.

Recommendations Update to a newer version that contains a fix for this vulnerability. As a temporary workaround, restrict the length of the username input field to less than 1000 bytes.

Exploit

Correção

DoS

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-120

Identificadores relacionados

CVE-2020-37166

Produtos afetados

Absolutetelnet

PT-2026-6832 · Unknown · Absolutetelnet

CVE-2020-37166

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 7