CVE-2021-47895
Published: 23 January 2026
Summary
CVE-2021-47895 is a medium-severity Allocation of Resources Without Limits or Throttling (CWE-770) vulnerability in Nsasoft Nsauditor. Its CVSS base score is 6.7 (Medium).
Operationally, exploitation aligns with the MITRE ATT&CK technique Application or System Exploitation (T1499.004). The CVE ranks at the 30.8th percentile by exploit likelihood (below the median), is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SC-5 (Denial-of-service Protection) and SI-10 (Information Input Validation).
Deeper analysis
CVE-2021-47895 is a denial-of-service vulnerability in Nsauditor version 3.2.2.0, a network security auditing tool. The flaw allows attackers to crash the application by overwriting the Event Description field with a large buffer, such as a 10,000-character string of 'U' characters pasted into the field. This triggers an unhandled buffer overflow, leading to application termination, and is classified under CWE-770 (Allocation of Resources Without Limits or Throttling).
The vulnerability has a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H), indicating it is exploitable over the network with low complexity, requiring no privileges or user interaction, and results in high availability impact with no confidentiality or integrity effects. Any remote attacker can achieve this by sending the oversized input to a targeted Nsauditor instance, causing a crash and denying service to legitimate users.
Advisories from VulnCheck and a proof-of-concept exploit on Exploit-DB (ID 49568) document the issue, with the vendor site at nsauditor.com providing product details but no specific patch information in the available references. Security practitioners should upgrade to newer versions if available or discontinue use of the affected release.
A public PoC exploit confirms practical exploitability, though no evidence of widespread real-world attacks is noted in the provided data.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-4294
Vulnerability details
Nsauditor 3.2.2.0 contains a denial of service vulnerability that allows attackers to crash the application by overwriting the Event Description field with a large buffer. Attackers can generate a 10,000-character 'U' buffer and paste it into the Event Description field to trigger an application crash.
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Buffer overflow input triggers an unhandled crash in the target application, directly enabling Endpoint DoS via software exploitation (T1499.004).
Mitigating Controls (NIST 800-53 r5)
- SI-10 (Information Input Validation): requires validation of inputs to the Event Description field to reject oversized buffers such as the 10,000-character string, directly preventing the buffer overflow crash.
- SC-5 (Denial-of-service Protection): implements denial-of-service protections such as input throttling and resource limits to block remote oversized input that crashes Nsauditor.
- Restricts the amount of data that can be entered into fields such as Event Description, mitigating the CWE-770 unbounded allocation that leads to application termination.
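The crash described above and the input-validation control it calls for, shown as an added example that is not Nsauditor's code or the advisory's: a bounded handler for a free-text field such as Event Description. The field limit, the function names and the constructed 'U' sample are all assumptions for illustration; the product's real internals are not public.

```c
/* Added illustration, not Nsauditor's code: bounded handling of a text field
 * such as Event Description (the SI-10 / CWE-770 mitigation). The limit and
 * all names are assumptions; the product's real internals are not public. */
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

#define MAX_EVENT_DESC 1024   /* assumed per-field limit */
enum desc_status { DESC_OK = 0, DESC_NULL = 1, DESC_TOO_LONG = 2 };
struct event_record { char description[MAX_EVENT_DESC + 1]; };

/* Refuse oversized input before any copy. The scan is itself bounded, so a
 * 10,000-character buffer is rejected after MAX_EVENT_DESC + 1 bytes. */
enum desc_status validate_event_description(const char *input)
{
    size_t n = 0;
    if (input == NULL)
        return DESC_NULL;
    while (n <= MAX_EVENT_DESC && input[n] != '\0')
        n++;
    return n > MAX_EVENT_DESC ? DESC_TOO_LONG : DESC_OK;
}

/* The advisory's crash matches copying the field into a fixed buffer with no
 * length check; here the copy happens only after validation passes. */
enum desc_status store_event_description(struct event_record *rec, const char *input)
{
    enum desc_status st = validate_event_description(input);
    rec->description[0] = '\0';
    if (st == DESC_OK)
        memcpy(rec->description, input, strlen(input) + 1);
    return st;
}

/* Constructed sample modelled on the PoC (n copies of 'U'), fed through the
 * bounded store; returns the status the field handler produced. */
enum desc_status check_u_buffer(size_t n)
{
    struct event_record rec;
    enum desc_status st;
    char *buf = malloc(n + 1);
    if (buf == NULL)
        return DESC_NULL;
    memset(buf, 'U', n);
    buf[n] = '\0';
    st = store_event_description(&rec, buf);
    free(buf);
    return st;
}
```

A 10,000-character input is refused with DESC_TOO_LONG before it reaches the fixed-size destination, while inputs up to the assumed limit are stored intact.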