CVE-2021-47814
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2026-01-16

Last updated on: 2026-01-16

Assigner: VulnCheck

Description
NBMonitor 1.6.8 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the registration code input field. Attackers can paste a 256-character buffer into the registration key field to trigger an application crash and potential system instability.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-01-16
Last Modified
2026-01-16
Generated
2026-06-16
AI Q&A
2026-01-16
EPSS Evaluated
2026-06-15
NVD
CVE-2021-47814
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
unknown_vendor nbmonitor 1.6.8
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-120 The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2021-47814 is a denial of service vulnerability in NBMonitor version 1.6.8 caused by a buffer overflow. The application fails to properly check the size of input in the registration code input field. An attacker can exploit this by pasting a 256-character buffer into the registration key field, which overflows the buffer and crashes the application, potentially causing system instability. [1, 2]

Impact Analysis

This vulnerability can cause NBMonitor 1.6.8 to crash when an attacker inputs a specially crafted 256-character registration key. The crash results in a denial of service, making the application unavailable and potentially causing system instability. This can disrupt normal operations and affect availability of the affected system. [1, 2]

Detection Guidance

This vulnerability can be detected by attempting to reproduce the crash condition on the NBMonitor 1.6.8 application. Specifically, you can create a buffer of 256 characters (e.g., 256 'A's) and paste it into the registration code input field of the application. Steps include copying a 256-character string to the clipboard, opening the 'Enter Registration Code' dialog in NBMonitor, entering any input in the 'Name' field, pasting the buffer into the 'Key' field, and clicking 'Ok' to observe if the application crashes. A simple Python script can be used to generate the 256-character buffer for testing. There are no specific network commands since this is a local application vulnerability triggered via user interaction. [2]

Mitigation Strategies

Immediate mitigation steps are not explicitly detailed in the provided resources. However, general best practices would include avoiding pasting or entering excessively long registration codes (256 characters) into the NBMonitor 1.6.8 registration key field to prevent triggering the crash. Additionally, consider restricting user access to the registration interface or disabling the registration feature if possible until a patch or update is available. Monitoring for application crashes and system instability related to NBMonitor usage is also advisable. [1, 2]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2021-47814. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart