Cyber Resilience

CVE-2021-47798

MediumPublic PoC

Published: 16 January 2026

Published
16 January 2026
Modified
15 April 2026
KEV Added
Patch
CVSS Score v4 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0039 30.8th percentile
Risk Priority 35 floored blend · peak EPSS

Summary

CVE-2021-47798 is a medium-severity Classic Buffer Overflow (CWE-120) vulnerability in Noteburner (inferred from references). Its CVSS base score is 6.7 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Application or System Exploitation (T1499.004); ranked at the 30.8th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-9 (Information Input Restrictions).

Deeper analysis

CVE-2021-47798 is a buffer overflow vulnerability in NoteBurner version 2.35, affecting the license code input fields labeled 'Name' and 'Code'. This issue, mapped to CWE-120, allows attackers to trigger a crash via oversized input and carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), reflecting critical severity due to its potential for high confidentiality, integrity, and availability impacts.

The vulnerability can be exploited by an attacker who generates a 6000-byte payload and pastes it into the 'Name' and 'Code' fields, causing a buffer overflow that crashes the NoteBurner application and results in a denial-of-service condition. Exploitation requires no privileges and is rated as low complexity, with network vector accessibility per the CVSS score.

Advisories and references include a proof-of-concept on Exploit-DB at https://www.exploit-db.com/exploits/50154, a VulnCheck advisory on the NoteBurner denial-of-service PoC at https://www.vulncheck.com/advisories/noteburner-denial-of-service-dos-poc, and the vendor site at https://www.noteburner.com/. No specific patches or mitigation steps are detailed in the provided information.

EU & UK References

Vulnerability details

NoteBurner 2.35 contains a buffer overflow vulnerability in the license code input field that allows attackers to crash the application. Attackers can generate a 6000-byte payload and paste it into the 'Name' and 'Code' fields to trigger an application crash.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1499.004 Application or System Exploitation Impact
Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.
Why these techniques?

Buffer overflow in license input fields directly enables application crash leading to DoS, matching T1499.004 Application or System Exploitation.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2020-37212Shared CWE-120
CVE-2025-50648Shared CWE-120
CVE-2020-37187Shared CWE-120
CVE-2020-37206Shared CWE-120
CVE-2025-20115Shared CWE-120
CVE-2021-47797Shared CWE-120
CVE-2025-50654Shared CWE-120
CVE-2020-37213Shared CWE-120
CVE-2018-25294Shared CWE-120
CVE-2024-24419Shared CWE-120

Affected Assets

Noteburner
inferred from references and description; NVD did not file a CPE for this CVE

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Implements input validation on license 'Name' and 'Code' fields to reject oversized payloads, directly preventing the buffer overflow crash.

prevent

Enforces input restrictions such as maximum byte length on license fields to block 6000-byte payloads from triggering the buffer overflow.

prevent

Provides memory protections like stack guards and non-executable memory to mitigate exploitation consequences of the buffer overflow vulnerability.

References