CVE-2021-47771
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2026-01-15

Last updated on: 2026-01-15

Assigner: VulnCheck

Description
RDP Manager 4.9.9.3 contains a denial of service vulnerability in connection input fields that allows local attackers to crash the application. Attackers can add oversized entries in Verbindungsname and Server fields to permanently freeze and crash the software, potentially requiring full reinstallation.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-01-15
Last Modified
2026-01-15
Generated
2026-06-16
AI Q&A
2026-01-16
EPSS Evaluated
2026-06-15
NVD
CVE-2021-47771
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
cinspiration rdp_manager 4.9.9.3
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-770 The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2021-47771 is a local denial of service vulnerability in RDP Manager version 4.9.9.3. It occurs because the application does not restrict the size of input in the 'Verbindungsname' (connection name) and 'Server' fields. A local attacker with privileged access can enter excessively large strings (up to 1024 characters) into these fields, causing the application to freeze, crash, and become permanently unusable. The corrupted data can also be introduced by modifying exported backup files containing the SQLite database and re-importing them, which similarly causes persistent crashes. Recovery requires a full reinstallation and manual deletion of corrupted database files. [1, 2]

Impact Analysis

This vulnerability can cause the RDP Manager software to freeze and crash permanently, resulting in a denial of service. The application becomes unusable until it is fully reinstalled and corrupted database files are manually deleted. This disruption can affect users who rely on RDP Manager for managing remote desktop connections, potentially causing loss of productivity and requiring time-consuming recovery steps. [1, 2]

Detection Guidance

This vulnerability can be detected by checking if the RDP Manager version 4.9.9.3 is installed and by attempting to add or inspect entries in the 'Verbindungsname' and 'Server' fields for oversized input strings (up to 1024 characters). There are no specific network detection commands since the vulnerability is local and requires local privileged access. Detection involves local inspection or testing by entering large strings in the connection input fields or by exporting and examining the SQLite database file 'sqLitedatabase.db3' for malformed entries. No specific command-line tools or commands are provided for detection. [1, 2]

Mitigation Strategies

Immediate mitigation steps include restricting local privileged access to trusted users only, avoiding entering oversized strings in the 'Verbindungsname' and 'Server' fields, and not importing modified or suspicious backup files containing the SQLite database. If the application crashes due to this vulnerability, recovery requires a full reinstallation of RDP Manager 4.9.9.3 and manual deletion of the corrupted SQLite database file 'sqLitedatabase.db3'. Additionally, monitoring and controlling local user actions can help prevent exploitation. [1, 2]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2021-47771. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart