CVE-2021-47759
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2026-01-15

Last updated on: 2026-01-15

Assigner: VulnCheck

Description
MTPutty 1.0.1.21 contains a sensitive information disclosure vulnerability that allows local attackers to view SSH connection passwords through Windows PowerShell process listing. Attackers can run a PowerShell command to retrieve the full command line of MTPutty processes, exposing plaintext SSH credentials.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-01-15
Last Modified
2026-01-15
Generated
2026-06-16
AI Q&A
2026-01-16
EPSS Evaluated
2026-06-15
NVD
CVE-2021-47759
EUVD
EUVD-2026-2776
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
ttyplus mtpwtty 1.0.1.21
ttyplus mtpwtty 1.8.5_beta
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-522 The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability in MTPutty version 1.0.1.21 allows local attackers to view SSH connection passwords in plaintext by accessing the Windows PowerShell process listing. Specifically, attackers can run a PowerShell command to retrieve the full command line of MTPutty processes, which includes the SSH passwords passed as command line arguments, exposing sensitive information. [2]

Impact Analysis

The vulnerability can lead to disclosure of SSH passwords to any local user with sufficient privileges to query running processes. This means an attacker with local access to the affected system can obtain plaintext SSH credentials, potentially allowing unauthorized access to SSH servers and compromising system security. [2]

Detection Guidance

This vulnerability can be detected by checking the command line arguments of running putty.exe processes to see if SSH passwords are exposed in plaintext. A suggested command to detect this on a Windows system is: Get-WmiObject Win32_Process | select name, commandline | findstr putty.exe [2]

Mitigation Strategies

Immediate mitigation steps include restricting local user access to systems running MTPutty 1.0.1.21 to prevent unauthorized process inspection, avoiding storing passwords in command line parameters, and updating or replacing MTPutty with a version that does not expose passwords in process command lines. [2]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2021-47759. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart