Cyber Posture

CVE-2021-47786

HighPublic PoC

Published: 16 January 2026

Published
16 January 2026
Modified
09 February 2026
KEV Added
Patch
CVSS Score 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score 0.0001 2.5th percentile
Risk Priority 15 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2021-47786 is a high-severity Out-of-bounds Write (CWE-787) vulnerability in Redragon M725-Lit Firmware. Its CVSS base score is 7.5 (High).

Operationally, ranked at the 2.5th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

Threat & Defense Details

Likely Mitigating ControlsAI

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

SI-16 Memory Protection
addresses: CWE-787

Out-of-bounds writes that corrupt control flow or inject shellcode are rendered non-executable by the same memory protections.

NVD Description

Redragon Gaming Mouse driver contains a kernel-level vulnerability that allows attackers to trigger a denial of service by sending malformed IOCTL requests. Attackers can send a crafted 2000-byte buffer with specific byte patterns to the REDRAGON_MOUSE device to crash the…

more

kernel driver.

Deeper analysisAI

CVE-2021-47786 is a kernel-level vulnerability in the Redragon Gaming Mouse driver, classified as CWE-787. The flaw enables attackers to trigger a denial of service by sending malformed IOCTL requests, specifically a crafted 2000-byte buffer with particular byte patterns to the REDRAGON_MOUSE device, causing the kernel driver to crash. It carries a CVSS score of 7.5 under CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H, highlighting high availability impact with no confidentiality or integrity effects.

Unauthenticated remote attackers can exploit this vulnerability with low complexity and no user interaction, as indicated by the CVSS vector. Exploitation involves delivering the malformed buffer to the affected driver, resulting in a kernel crash and system denial of service.

Advisories and proof-of-concept exploits are documented in references such as the Quadron Research Lab GitHub repository, Exploit-DB entry 50322, Vulncheck advisory on the Redragon Gaming Mouse denial of service, and the vendor site at redragonzone.com. No specific patch or mitigation details are outlined in the provided references.

Details

CWE(s)
CWE-787

Affected Products

redragon
m725-lit firmware
all versions
redragon
m617-lit firmware
all versions
redragon
m910-ks firmware
all versions
redragon
m801p-rgb firmware
all versions
redragon
m602-ks firmware
all versions
redragon
m914w-rgb firmware
all versions
redragon
m816-pro firmware
all versions
redragon
m602a-rgb firmware
all versions
redragon
m721 firmware
all versions
redragon
m602aw-rgb firmware
all versions
+4 more product configuration(s) — see NVD for full list

CVEs Like This One

CVE-2025-20890Shared CWE-787
CVE-2019-25681Shared CWE-787
CVE-2026-23715Shared CWE-787
CVE-2025-21161Shared CWE-787
CVE-2026-21327Shared CWE-787
CVE-2025-21042Shared CWE-787
CVE-2026-3094Shared CWE-787
CVE-2026-27703Shared CWE-787
CVE-2026-31698Shared CWE-787
CVE-2025-20888Shared CWE-787

References