What is the CVSS score of CVE-2021-47791?

CVE-2021-47791 has a CVSS 3.1 base score of 7.5 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H. EPSS exploitation probability: 0.0%.

Which versions of Smartftp are affected by CVE-2021-47791?

Organizations using SmartFTP Client 10.0.2909.0 face notable risk from CVE-2021-47791 rated CVSS 7.5. Exploitation could compromise the security of affected deployments.

Is there a public PoC exploit available for CVE-2021-47791?

Yes, a public proof-of-concept exploit is available for CVE-2021-47791. Prioritise patching immediately. EPSS: 0.0%.

How to fix or mitigate CVE-2021-47791?

Within 7 days: Identify all affected systems and apply vendor patches promptly. Monitor vendor channels for patch availability.

Smartftp CVE-2021-47791

HIGH

Allocation of Resources Without Limits or Throttling (CWE-770)

2026-01-16 disclosure@vulncheck.com

Denial Of Service Smartftp

7.5

CVSS 3.1 · NVD

Severity by source

NVD PRIMARY

7.5 HIGH

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 21:54 vuln.today

PoC Detected

Jan 30, 2026 - 00:59 vuln.today

Public exploit code

CVE Published

Jan 16, 2026 - 00:16 nvd

HIGH 7.5

DescriptionCVE.org

SmartFTP Client 10.0.2909.0 contains multiple denial of service vulnerabilities that allow attackers to crash the application through specific input manipulation. Attackers can trigger crashes by entering malformed paths, using invalid IP addresses, or clearing connection history in the client's interface.

AnalysisAI

Smartftp versions up to 10.0.2909.0 is affected by allocation of resources without limits or throttling (CVSS 7.5).

Technical ContextAI

This vulnerability (CWE-770: Allocation of Resources Without Limits or Throttling) affects Smartftp. SmartFTP Client 10.0.2909.0 contains multiple denial of service vulnerabilities that allow attackers to crash the application through specific input manipulation. Attackers can trigger crashes by entering malformed paths, using invalid IP addresses, or clearing connection history in the client's interface.

RemediationAI

Monitor vendor advisories for a patch. Restrict network access to the affected service where possible.

CVE-2021-47791 vulnerability details – vuln.today

Back

Smartftp CVE-2021-47791

Severity by source

CVSS VectorNVD

Lifecycle Timeline

DescriptionCVE.org

AnalysisAI

Technical ContextAI

RemediationAI

Share

External POC / Exploit Code