Cyber Resilience

CVE-2021-47774

HighPublic PoC

Published: 15 January 2026

Published
15 January 2026
Modified
15 April 2026
KEV Added
Patch
CVSS Score v4 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0050 38.7th percentile
Risk Priority 55 floored blend · peak EPSS

Summary

CVE-2021-47774 is a high-severity Out-of-bounds Write (CWE-787) vulnerability in Informer (inferred from references). Its CVSS base score is 8.4 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 38.7th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).

Deeper analysis

CVE-2021-47774 is a buffer overflow vulnerability (CWE-787) affecting Kingdia CD Extractor version 3.0.2, specifically in the registration name field. The flaw enables attackers to execute arbitrary code by submitting a malicious payload exceeding 256 bytes, which overwrites the Structured Exception Handler (SEH).

Remote attackers can exploit this vulnerability over the network with low complexity, requiring no privileges or user interaction, as indicated by its CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). Successful exploitation allows attackers to achieve remote code execution through a bind shell, providing high-impact access to the affected system.

References point to the Kingdia CD Extractor informer page and an Exploit-DB entry (exploit 50470), the latter documenting a proof-of-concept for the vulnerability. No vendor advisories or patches are specified in the available information.

EU & UK References

Vulnerability details

Kingdia CD Extractor 3.0.2 contains a buffer overflow vulnerability in the registration name field that allows attackers to execute arbitrary code. Attackers can craft a malicious payload exceeding 256 bytes to overwrite Structured Exception Handler and gain remote code execution…

more

through a bind shell.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

The vulnerability is a remotely exploitable buffer overflow (AV:N/AC:L/PR:N/UI:N) in a network-accessible application, directly enabling exploitation of public-facing software for unauthenticated remote code execution.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2025-27807Shared CWE-787
CVE-2024-48856Shared CWE-787
CVE-2025-14234Shared CWE-787
CVE-2018-25223Shared CWE-787
CVE-2018-25154Shared CWE-787
CVE-2024-57704Shared CWE-787
CVE-2025-29384Shared CWE-787
CVE-2024-12648Shared CWE-787
CVE-2025-30276Shared CWE-787
CVE-2025-25746Shared CWE-787

Affected Assets

Informer
inferred from references and description; NVD did not file a CPE for this CVE

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly remediates the buffer overflow vulnerability in Kingdia CD Extractor by applying patches or removing the affected software version.

prevent

Implements memory protections like DEP and ASLR to prevent exploitation of the buffer overflow via SEH overwrite for remote code execution.

prevent

Requires validation of inputs such as the registration name field to reject oversized payloads exceeding 256 bytes that trigger the buffer overflow.

References