CVE-2021-47894
Unknown Unknown - Not Provided

Denial of Service via Buffer Overflow in Managed Switch Port Mapping Tool

Vulnerability report for CVE-2021-47894, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-01-23

Last updated on: 2026-01-23

Assigner: VulnCheck

Description

Managed Switch Port Mapping Tool 2.85.2 contains a denial of service vulnerability that allows attackers to crash the application by creating an oversized buffer. Attackers can generate a 10,000-character buffer and paste it into the IP Address and SNMP Community Name fields to trigger the application crash.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-01-23
Last Modified
2026-01-23
Generated
2026-07-06
AI Q&A
2026-01-23
EPSS Evaluated
2026-07-05
NVD
EUVD

Affected Vendors & Products

Showing 2 associated CPEs
Vendor Product Version / Range
northwest_performance_software managed_switch_port_mapping_tool 2.85.2
northwest_performance_software managed_switch_port_mapping_tool 2.88

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-770 The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability is a denial of service issue in Managed Switch Port Mapping Tool version 2.85.2. It occurs because the application does not properly handle very large input buffers. An attacker can create a 10,000-character long string and paste it into the IP Address and SNMP Community Name fields, which causes the application to crash or become unresponsive due to resource exhaustion. [3, 4]

Impact Analysis

The impact of this vulnerability is a denial of service condition where the Managed Switch Port Mapping Tool application crashes or becomes unresponsive. This can disrupt network management activities, potentially causing downtime or delays in identifying and managing network devices. [3, 4]

Detection Guidance

This vulnerability can be detected by attempting to reproduce the denial of service condition by inputting an oversized buffer (e.g., a 10,000-character string) into the IP Address and SNMP Community Name fields of the Managed Switch Port Mapping Tool version 2.85.2. A proof-of-concept exploit uses a Python script to generate such a large buffer and then pastes it into these fields, causing the application to crash. There are no specific network commands provided to detect this vulnerability remotely; detection involves testing the application input handling as described. [3]

Mitigation Strategies

Immediate mitigation steps include avoiding pasting or entering excessively large input strings (such as 10,000-character buffers) into the IP Address and SNMP Community Name fields of the Managed Switch Port Mapping Tool version 2.85.2. Additionally, updating the software to a later version where this vulnerability is fixed or applying any available patches is recommended. Since the vulnerability requires user interaction and local access, restricting access to trusted users and environments can also reduce risk. [4]

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2021-47894. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart