Primary

Context

AbsoluteTelnet Denial-of-Service Vulnerability

Vulnerability

A denial-of-service vulnerability has been identified in AbsoluteTelnet version 11.24. This issue allows local attackers to crash the application by manipulating the username and error report fields. The vulnerability can be exploited by inserting 1000 characters into the username or email address fields, causing the application to become unresponsive.

Impact

Exploitation of this vulnerability leads to a crash of the AbsoluteTelnet application, causing it to become unresponsive.

Reproduction

To reproduce this vulnerability, download and install AbsoluteTelnet version 11.24. After installation, a Python script can be used to create a text file containing 1000 characters. This file can then be used to fill the 'Username' or 'Your Email Address (optional)' fields in the application. Once the 'OK' button or 'Send Error Report' button is pressed, the application will crash.

Added: Jan 15, 2026, 4:54 PM

Updated: Jan 15, 2026, 4:54 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

4.6

remediation

0.0

relevance

2.1

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

4.6

remediation

0.0

relevance

2.1

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

AbsoluteTelnet Denial-of-Service Vulnerability

Vulnerability

Impact

Reproduction

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating