CVE-2021-47781
Published: 15 January 2026
Summary
CVE-2021-47781 is a medium-severity Out-of-bounds Write (CWE-787) vulnerability. Its CVSS base score is 6.7 (Medium).
Operationally, exploitation aligns with the MITRE ATT&CK technique Malicious File (T1204.002); ranked at the 16.0th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).
Deeper analysis
CVE-2021-47781 is a buffer overflow vulnerability (CWE-787) affecting Cmder Console Emulator version 1.3.18. The flaw occurs when the application processes a maliciously crafted .cmd file containing repeated characters, which overwhelms the console emulator's buffer and triggers a denial of service condition by crashing the application. The vulnerability received a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), indicating critical severity with potential for high impacts across confidentiality, integrity, and availability.
Any remote attacker without privileges or user interaction can exploit this vulnerability by creating and delivering a specially constructed .cmd file to a targeted system running the affected Cmder version. Upon processing the file, the buffer overflow causes the application to crash, resulting in a denial of service. The high CVSS impact scores suggest potential for broader compromise beyond just crashing, though the primary effect described is application termination.
References include the official Cmder GitHub repository at https://github.com/cmderdev/cmder and an Exploit-DB entry at https://www.exploit-db.com/exploits/50401, which provides details on the vulnerability and likely a proof-of-concept exploit. No specific patch or mitigation details are outlined in the available information, but practitioners should check the repository for updates beyond version 1.3.18. The CVE was published on 2026-01-15.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-2757
Vulnerability details
Cmder Console Emulator 1.3.18 contains a buffer overflow vulnerability that allows attackers to trigger a denial of service condition through a maliciously crafted .cmd file. Attackers can create a specially constructed .cmd file with repeated characters to overwhelm the console…
more
emulator's buffer and crash the application.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Buffer overflow triggered by crafted .cmd file enables initial access via malicious file execution, with CVSS impacts suggesting possible RCE or DoS.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly remediates the buffer overflow flaw in Cmder by identifying, reporting, and applying patches or updates from the official repository.
Requires validation of .cmd file inputs to reject maliciously crafted files with repeated characters that trigger the buffer overflow.
Implements memory safeguards like address space layout randomization and stack canaries to protect against buffer overflow exploitation leading to crash or compromise.