CVE-2021-47774

CriticalPublic PoC

Published: 15 January 2026

Published

15 January 2026

Modified

15 April 2026

KEV Added

—

Patch

—

CVSS Score 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score 0.0010 28.1th percentile

Risk Priority 20 60% EPSS · 20% KEV · 20% CVSS

Description

Kingdia CD Extractor 3.0.2 contains a buffer overflow vulnerability in the registration name field that allows attackers to execute arbitrary code. Attackers can craft a malicious payload exceeding 256 bytes to overwrite Structured Exception Handler and gain remote code execution…

through a bind shell.

Mitigating Controls (NIST 800-53 r5)AI

SI-2 Flaw Remediation good match

prevent

Directly remediates the buffer overflow vulnerability in Kingdia CD Extractor by applying patches or removing the affected software version.

SI-16 Memory Protection good match

prevent

Implements memory protections like DEP and ASLR to prevent exploitation of the buffer overflow via SEH overwrite for remote code execution.

SI-10 Information Input Validation good match

prevent

Requires validation of inputs such as the registration name field to reject oversized payloads exceeding 256 bytes that trigger the buffer overflow.

Security SummaryAI

CVE-2021-47774 is a buffer overflow vulnerability (CWE-787) affecting Kingdia CD Extractor version 3.0.2, specifically in the registration name field. The flaw enables attackers to execute arbitrary code by submitting a malicious payload exceeding 256 bytes, which overwrites the Structured Exception Handler (SEH).

Remote attackers can exploit this vulnerability over the network with low complexity, requiring no privileges or user interaction, as indicated by its CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). Successful exploitation allows attackers to achieve remote code execution through a bind shell, providing high-impact access to the affected system.

References point to the Kingdia CD Extractor informer page and an Exploit-DB entry (exploit 50470), the latter documenting a proof-of-concept for the vulnerability. No vendor advisories or patches are specified in the available information.

Details

CWE(s): CWE-787

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access

Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

attack.mitre.org →

Why these techniques?

The vulnerability is a remotely exploitable buffer overflow (AV:N/AC:L/PR:N/UI:N) in a network-accessible application, directly enabling exploitation of public-facing software for unauthenticated remote code execution.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

References

https://kingdia-cd-extractor.informer.com/
disclosure@vulncheck.com
https://www.exploit-db.com/exploits/50470
disclosure@vulncheck.com