Cyber Resilience

CVE-2021-47815

MediumPublic PoC

Published: 16 January 2026

Published
16 January 2026
Modified
01 May 2026
KEV Added
Patch
CVSS Score v4 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0003 10.8th percentile
Risk Priority 13 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2021-47815 is a medium-severity Classic Buffer Overflow (CWE-120) vulnerability in Nsasoft Nsauditor. Its CVSS base score is 6.7 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Application or System Exploitation (T1499.004); ranked at the 10.8th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2021-47815 is a denial of service vulnerability in Nsauditor 3.2.3, a network security auditing tool. The flaw occurs in the registration code input field, known as the 'Key' field, where attackers can paste a large buffer consisting of 256 repeated characters to trigger an application crash. This issue maps to CWE-120 (Buffer Copy without Checking Size of Input) and carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H), indicating high severity due to its impact on availability.

Any unauthenticated attacker can exploit this vulnerability over the network with low attack complexity and no user interaction or privileges required. Exploitation causes the Nsauditor application to crash, resulting in a denial of service that disrupts the tool's functionality for affected users.

Advisories and references include the vendor site at http://www.nsauditor.com, a proof-of-concept exploit documented at https://www.exploit-db.com/exploits/49965, and a VulnCheck advisory at https://www.vulncheck.com/advisories/nsauditor-denial-of-service-poc. Security practitioners should review these sources for any available patches or mitigation guidance.

EU & UK References

Vulnerability details

Nsauditor 3.2.3 contains a denial of service vulnerability in the registration code input field that allows attackers to crash the application. Attackers can paste a large buffer of 256 repeated characters into the 'Key' field to trigger an application crash.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1499.004 Application or System Exploitation Impact
Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.
Why these techniques?

Buffer overflow in input field directly enables application crash for DoS via exploitation (T1499.004).

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2020-37130Same product: Nsasoft Nsauditor
CVE-2021-47895Same product: Nsasoft Nsauditor
CVE-2020-37205Same vendor: Nsasoft
CVE-2020-37119Same product: Nsasoft Nsauditor
CVE-2020-37204Same vendor: Nsasoft
CVE-2020-37211Same vendor: Nsasoft
CVE-2020-37209Same vendor: Nsasoft
CVE-2020-37199Same vendor: Nsasoft
CVE-2020-37206Same vendor: Nsasoft
CVE-2018-25213Same product: Nsasoft Nsauditor

Affected Assets

nsasoft
nsauditor
≤ 3.2.7

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly addresses the buffer overflow by requiring validation of input size and content in the registration 'Key' field to prevent crashes from oversized buffers.

prevent

Mandates identification, reporting, and timely remediation of the specific buffer copy without size check flaw in Nsauditor 3.2.3.

preventdetect

Implements mechanisms to limit or detect denial-of-service events like the network-accessible application crash triggered by repeated character buffers.

References