CVE-2021-47765 | THREATINT

Description

AbsoluteTelnet 11.24 contains a denial of service vulnerability that allows local attackers to crash the application by manipulating username and error report fields. Attackers can trigger the crash by inserting 1000 characters into the username or email address fields, causing the application to become unresponsive.

PUBLISHED Reserved 2026-01-14 | Published 2026-01-15 | Updated 2026-01-26 | Assigner VulnCheck

MEDIUM: 6.7CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

MEDIUM: 5.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Problem types

Out-of-bounds Write

Product status

11.24

affected

Credits

Yehia Elghaly finder

References

www.exploit-db.com/exploits/50510 (ExploitDB-50510) exploit

www.celestialsoftware.net/ (Vendor Homepage) product

cve.org (CVE-2021-47765)

nvd.nist.gov (CVE-2021-47765)

Download JSON