CVE-2021-47775
BaseFortify
Publication date: 2026-01-15
Last updated on: 2026-01-15
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| litexmedia | youtube_downloader | 3.9.9.92 |
| litexmedia | youtube_video_grabber | 1.9.9.1 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-787 | The product writes data past the end, or before the beginning, of the intended buffer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a buffer overflow in YouTube Video Grabber (version 1.9.9.1) that allows an attacker to overwrite the Structured Exception Handler (SEH). By crafting a malicious payload of 712 bytes with SEH manipulation, an attacker can execute arbitrary code locally. This exploit enables the attacker to trigger a bind shell connection on a specified local port, effectively gaining control over the affected system through the vulnerable application. [2]
How can this vulnerability impact me? :
The vulnerability can allow an attacker to execute arbitrary code on your system by exploiting the buffer overflow in YouTube Video Grabber. This can lead to a local bind shell being opened on your machine, which an attacker can connect to and control remotely. This means the attacker could potentially escalate privileges, execute malicious commands, or take over the affected system through the vulnerable software. [2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring for the presence of the malicious payload usage or the bind shell connection on the specified local port (default port 3110). On the affected system, you can check for unusual listening ports using commands like 'netstat -an | findstr 3110' on Windows to detect if the bind shell is active. Additionally, inspecting the input fields of YouTube Video Grabber for suspicious or unusually long input (such as the crafted payload) may help. Since the exploit involves opening a bind shell on port 3110, network monitoring tools can alert on inbound connections to this port. There is no direct signature-based detection command provided, but monitoring for the bind shell port and unusual application behavior is recommended. [2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include: 1) Avoid using YouTube Video Grabber version 1.9.9.1 or upgrade to a later, patched version if available. 2) Restrict local access to the application to trusted users only, as the exploit requires local interaction. 3) Monitor and block inbound connections on the bind shell port (3110) using firewall rules. 4) Educate users not to paste untrusted or suspicious codes into the 'Name and Serial Nummer' input field of the application. 5) If possible, remove or disable the vulnerable application until a fix is applied. [2]