CVE-2021-47814
BaseFortify
Publication date: 2026-01-16
Last updated on: 2026-01-16
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| unknown_vendor | nbmonitor | 1.6.8 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-120 | The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2021-47814 is a denial of service vulnerability in NBMonitor version 1.6.8 caused by a buffer overflow. The application fails to properly check the size of input in the registration code input field. An attacker can exploit this by pasting a 256-character buffer into the registration key field, which overflows the buffer and crashes the application, potentially causing system instability. [1, 2]
How can this vulnerability impact me? :
This vulnerability can cause NBMonitor 1.6.8 to crash when an attacker inputs a specially crafted 256-character registration key. The crash results in a denial of service, making the application unavailable and potentially causing system instability. This can disrupt normal operations and affect availability of the affected system. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by attempting to reproduce the crash condition on the NBMonitor 1.6.8 application. Specifically, you can create a buffer of 256 characters (e.g., 256 'A's) and paste it into the registration code input field of the application. Steps include copying a 256-character string to the clipboard, opening the 'Enter Registration Code' dialog in NBMonitor, entering any input in the 'Name' field, pasting the buffer into the 'Key' field, and clicking 'Ok' to observe if the application crashes. A simple Python script can be used to generate the 256-character buffer for testing. There are no specific network commands since this is a local application vulnerability triggered via user interaction. [2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps are not explicitly detailed in the provided resources. However, general best practices would include avoiding pasting or entering excessively long registration codes (256 characters) into the NBMonitor 1.6.8 registration key field to prevent triggering the crash. Additionally, consider restricting user access to the registration interface or disabling the registration feature if possible until a patch or update is available. Monitoring for application crashes and system instability related to NBMonitor usage is also advisable. [1, 2]