AbsoluteTelnet Denial-of-Service Vulnerability in SSH2 Username Input
Vulnerability
A denial-of-service vulnerability has been identified in AbsoluteTelnet version 11.12. The issue resides in the SSH2 username input field, where local attackers can crash the application by overwriting the username with a 1000-byte buffer. This action causes the application to become unresponsive and terminate.
Impact
Exploitation of this vulnerability leads to a crash of the AbsoluteTelnet application, causing it to become unresponsive and terminate prematurely.
Reproduction
To reproduce this vulnerability, first run a Python script that generates a 1000-byte buffer and saves it to a text file. Then open AbsoluteTelnet and create a new connection file, selecting the SSH2 protocol and the option to use the last username. Paste the contents of the text file into the username field and confirm. The application then crashes.
