CVE-2021-47831
Published: 16 January 2026
Summary
CVE-2021-47831 is a medium-severity Improper Validation of Specified Quantity in Input (CWE-1284) vulnerability in Sandboxie Plus (inferred from references). Its CVSS base score is 4.6 (Medium).
Operationally, exploitation aligns with the MITRE ATT&CK technique Application or System Exploitation (T1499.004); ranked at the 9.3th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SC-5 (Denial-of-service Protection) and SI-10 (Information Input Validation).
Deeper analysis
CVE-2021-47831 is a denial of service vulnerability in Sandboxie version 5.49.7. The flaw occurs when attackers overflow the container folder input field, such as by pasting a large buffer of repeated characters into the Sandbox container folder setting, causing the application to crash.
The vulnerability has a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H), indicating it is exploitable over the network with low complexity, no privileges or user interaction required, and results in high impact to availability with no effects on confidentiality or integrity. Unauthenticated remote attackers can trigger the crash, denying service to Sandboxie users.
Advisories and references are available from sources including the Sandboxie-Plus website (https://sandboxie-plus.com/), Vulncheck (https://www.vulncheck.com/advisories/sandboxie-denial-of-service), and Exploit-DB (https://www.exploit-db.com/exploits/49844), which documents a proof-of-concept exploit. No specific patch or mitigation details are detailed in the provided information.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-2893
Vulnerability details
Sandboxie 5.49.7 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the container folder input field. Attackers can paste a large buffer of repeated characters into the Sandbox container folder setting to trigger an…
more
application crash.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Buffer overflow input crash directly enables application DoS via exploitation (T1499.004).
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
SI-10 requires validation of information inputs, directly preventing buffer overflows in the Sandboxie container folder input field by enforcing bounds and content checks.
SI-11 mandates graceful error handling for unexpected inputs, preventing application crashes from overflowing the container folder field.
SC-5 provides denial-of-service protection mechanisms tailored to limit the impact of remote exploits causing high availability disruptions like the Sandboxie crash.