CVE-2021-47788

HighPublic PoC

Published: 16 January 2026

Published

16 January 2026

Modified

30 January 2026

KEV Added

—

Patch

—

CVSS Score 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Score 0.0015 34.7th percentile

Risk Priority 18 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2021-47788 is a high-severity Unrestricted Upload of File with Dangerous Type (CWE-434) vulnerability in Websitebaker Websitebaker. Its CVSS base score is 8.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 34.7th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploit Public-Facing Application (T1190). What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-10 Information Input Validation good match

prevent

Directly addresses unrestricted upload of dangerous types by validating language installation parameters to block arbitrary code execution.

SI-2 Flaw Remediation good match

prevent

Remediates the specific flaw in WebsiteBaker's language installation endpoint through timely identification, reporting, and patching.

AC-6 Least Privilege partial match

prevent

Enforces least privilege to restrict language editing permissions, reducing the number of users able to access and exploit the vulnerable endpoint.

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access

Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

attack.mitre.org →

Why these techniques?

CVE-2021-47788 is an authenticated RCE vulnerability in a public-facing web application (WebsiteBaker CMS) via unrestricted file upload in the language installation endpoint, directly mapping to exploitation of public-facing applications.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

NVD Description

WebsiteBaker 2.13.0 contains an authenticated remote code execution vulnerability that allows users with language editing permissions to execute arbitrary code. Attackers can exploit the language installation endpoint by manipulating language installation parameters to achieve remote code execution on the server.

Deeper analysisAI

CVE-2021-47788 is an authenticated remote code execution vulnerability in WebsiteBaker version 2.13.0. It affects the language installation endpoint, where users with language editing permissions can manipulate installation parameters to execute arbitrary code on the server. The vulnerability is rated with a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) and is associated with CWE-434 (Unrestricted Upload of File with Dangerous Type).

An attacker requires valid credentials and language editing permissions to exploit this issue over the network with low complexity and no user interaction. Successful exploitation grants high confidentiality, integrity, and availability impacts, enabling full remote code execution on the affected server.

Advisories and proof-of-concept exploits are documented on Exploit-DB (exploit ID 50310) and Vulncheck, with the official WebsiteBaker site at websitebaker.org providing additional context. Practitioners should verify patches or upgrades on the vendor site, as no specific mitigation details are outlined in the core CVE data.