CVE-2021-47705
BaseFortify
Publication date: 2025-12-09
Last updated on: 2025-12-10
Assigner: VulnCheck
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| commax | ums_client | 1.7.0.2 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-787 | The product writes data past the end, or before the beginning, of the intended buffer. |
AI Powered Q&A
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring for the use of the COMMAX UMS Client ActiveX Control version 1.7.0.2, specifically looking for calls to the vulnerable functions such as rtsp_forceconnect_login() and rtsp_connect_login() with unusually long string parameters (e.g., user_id, user_pwd, rtsp_addr). Detection can involve analyzing network traffic or application logs for these function calls with excessively long inputs. Additionally, debugging or crash logs showing access violation exceptions (code c0000005) related to CNC_Ctrl.dll may indicate exploitation attempts. Specific commands are not provided in the resources, but monitoring for abnormal ActiveX control usage or crashes involving CNC_Ctrl.dll is recommended. [2, 3]
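One way to run the crash-log check described above on a Windows host, as an added example that is not taken from this page or its cited resources. It assumes the crashes are recorded as standard "Application Error" events (ID 1000) in the Application log; the function names and the 30-day lookback are hypothetical choices.

```powershell
# Added example: look for signs of the vulnerable control on a single host.
# Assumption: crashes appear as "Application Error" events (ID 1000) in the
# Application log. Module name and exception code are the ones named above.
$ModuleName    = 'CNC_Ctrl.dll'
$ExceptionCode = 'c0000005'

function Get-CncCtrlCrashEvent {
    # Returns crash events whose text names the module and the access-violation code.
    param([datetime]$StartTime = (Get-Date).AddDays(-30))   # lookback is arbitrary

    $filter = @{
        LogName      = 'Application'
        ProviderName = 'Application Error'
        Id           = 1000
        StartTime    = $StartTime
    }
    Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue |
        Where-Object {
            $_.Message -match [regex]::Escape($ModuleName) -and
            $_.Message -match $ExceptionCode
        } |
        Select-Object TimeCreated, MachineName,
            @{ Name = 'Summary'; Expression = { ($_.Message -split "`r?`n")[0..3] -join ' | ' } }
}

function Get-CncCtrlLoadedProcess {
    # Lists running processes that currently have the control's DLL loaded.
    Get-Process | Where-Object {
        try   { $_.Modules.ModuleName -contains $ModuleName }
        catch { $false }   # protected processes deny module enumeration
    } | Select-Object Id, ProcessName, Path
}

Get-CncCtrlCrashEvent    | Format-Table -AutoSize -Wrap
Get-CncCtrlLoadedProcess | Format-Table -AutoSize
```

Run it from an elevated prompt so module enumeration covers processes owned by other users. A matching crash event only shows that the control faulted and should be followed up alongside the host's browsing and application logs.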
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include disabling or restricting the use of the COMMAX UMS Client ActiveX Control version 1.7.0.2, especially in environments where untrusted input can reach it. Avoid using Internet Explorer or other browsers that support this vulnerable ActiveX control until a patch or update is available. Monitoring and blocking suspicious inputs to the vulnerable functions (rtsp_forceconnect_login and rtsp_connect_login) can help reduce risk. Since no vendor response or patch is indicated, consider isolating affected systems or applying application whitelisting to prevent exploitation. [2, 3]
Can you explain this vulnerability to me?
This vulnerability is a heap-based buffer overflow in the COMMAX UMS Client ActiveX Control version 1.7.0.2. It occurs because the software does not properly validate the boundaries of string arrays passed to multiple functions, allowing attackers to provide excessively long strings. This can cause heap corruption and enable attackers to execute arbitrary code, potentially gaining system-level access.
How can this vulnerability impact me?
If exploited, this vulnerability can allow an attacker to execute arbitrary code on your system with potentially system-level privileges. This could lead to unauthorized control over your device, data theft, system compromise, or further attacks within your network.