CVE-2021-47814

Name of the Vulnerable Software and Affected Versions NBMonitor version 1.6.8

Description NBMonitor version 1.6.8 is subject to a denial of service condition. An attacker can cause the application to crash by providing a specially crafted input to the registration code field. Specifically, pasting a 256-character buffer into the registration key field triggers an application crash and potential system instability. The vulnerable input field is associated with the application’s registration process.

Recommendations Update to a newer version of NBMonitor that addresses this issue. As a temporary workaround, limit the input length allowed in the registration key field to prevent the buffer overflow.