PT-2026-3041 · Unknown · Absolutetelnet
Yehia Elghaly
·
Published
2026-01-15
·
Updated
2026-01-21
·
CVE-2021-47765
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
AbsoluteTelnet version 11.24
Description
AbsoluteTelnet version 11.24 contains a denial of service issue that allows local attackers to crash the application. This is achieved by manipulating the
username and error report fields. Specifically, inserting 1000 characters into the username or email address fields causes the application to become unresponsive. The vulnerable fields are used during application operation.Recommendations
Update to a newer version that contains a fix for this vulnerability. As a temporary workaround, limit the number of characters allowed in the
username and email address fields.Exploit
Fix
DoS
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Absolutetelnet