CVE-2021-47765

MEDIUM

Celestialsoftware Absolutetelnet - Out-of-Bounds Write

Title source: rule

Description

AbsoluteTelnet 11.24 contains a denial of service vulnerability that allows local attackers to crash the application by manipulating username and error report fields. Attackers can trigger the crash by inserting 1000 characters into the username or email address fields, causing the application to become unresponsive.

Exploits (1)

exploitdb WORKING POC
by Yehia Elghaly · pythondoswindows
https://www.exploit-db.com/exploits/50510

References (2)

Scores

CVSS v3 5.5
EPSS 0.0001
EPSS Percentile 0.5%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-787
Status published
Products (1)
celestialsoftware/absolutetelnet 11.24
Published Jan 15, 2026
Tracked Since Feb 18, 2026