CVE-2021-47814

HighPublic PoC

Published: 16 January 2026

Published

16 January 2026

Modified

29 January 2026

KEV Added

—

Patch

—

CVSS Score 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS Score 0.0002 4.4th percentile

Risk Priority 15 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2021-47814 is a high-severity Classic Buffer Overflow (CWE-120) vulnerability in Nsasoft Nbmonitor. Its CVSS base score is 7.5 (High).

Operationally, ranked at the 4.4th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

Threat & Defense Details

Likely Mitigating ControlsAI

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

SC-27 Platform-independent Applications

addresses: CWE-120

Platform-independent managed code eliminates the need for unchecked native buffer copies that are the root cause of classic buffer overflows.

NVD Description

NBMonitor 1.6.8 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the registration code input field. Attackers can paste a 256-character buffer into the registration key field to trigger an application crash and potential…

system instability.

Deeper analysisAI

CVE-2021-47814 is a denial-of-service vulnerability in NBMonitor version 1.6.8, stemming from a buffer overflow in the registration code input field, classified as CWE-120. Attackers can trigger an application crash and potential system instability by pasting a 256-character buffer into the registration key field. The vulnerability carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H), highlighting its high availability impact.

The vulnerability enables remote exploitation over the network with low complexity, requiring no authentication privileges or user interaction. Unauthenticated attackers can achieve a crash of the NBMonitor application, disrupting its functionality and potentially causing broader system instability.

References include advisories and proof-of-concept exploits, such as Exploit-DB entry 49964 and a VulnCheck advisory on the NBMonitor denial-of-service PoC, along with details from nsauditor.com. No specific patches or mitigation steps are outlined in the provided references.

Details

CWE(s): CWE-120

Affected Products

nsasoft

nbmonitor

1.6.8

CVEs Like This One

CVE-2020-37199Same product: Nsasoft Nbmonitor

CVE-2020-37207Same vendor: Nsasoft

CVE-2020-37130Same vendor: Nsasoft

CVE-2020-37212Same vendor: Nsasoft

CVE-2020-37201Same vendor: Nsasoft

CVE-2020-37206Same vendor: Nsasoft

CVE-2020-37211Same vendor: Nsasoft

CVE-2020-37196Same vendor: Nsasoft

CVE-2021-47815Same vendor: Nsasoft

CVE-2020-37204Same vendor: Nsasoft

References

http://www.nsauditor.com
Product · disclosure@vulncheck.com
https://www.exploit-db.com/exploits/49964
Exploit, Third Party Advisory · disclosure@vulncheck.com
https://www.vulncheck.com/advisories/nbmonitor-denial-of-service-poc
Third Party Advisory · disclosure@vulncheck.com