CVE-2021-47719

HIGH

COMMAX WebViewer ActiveX Control 2.1.4.5 - Buffer Overflow

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2021-47719. PoCs published by LiquidWorm.

AI-analyzed exploit summary This exploit demonstrates a buffer overflow vulnerability in COMMAX WebViewer ActiveX Control 2.1.4.5. The PoC shows that sending an overly long string (e.g., 'A'*1000) causes an access violation, leading to potential arbitrary code execution.

Description

COMMAX WebViewer ActiveX Control 2.1.4.5 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by providing excessively long string arrays through multiple functions. Attackers can exploit boundary errors in Commax_WebViewer.ocx to cause buffer overflow conditions and potentially gain code execution.

Exploits (1)

exploitdb WORKING POC

by LiquidWorm · textwebappshardware

https://www.exploit-db.com/exploits/50231

View Code ZIP pw:eip

This exploit demonstrates a buffer overflow vulnerability in COMMAX WebViewer ActiveX Control 2.1.4.5. The PoC shows that sending an overly long string (e.g., 'A'*1000) causes an access violation, leading to potential arbitrary code execution.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: COMMAX WebViewer ActiveX Control 2.1.4.5 (Commax_WebViewer.ocx)

No auth needed

Prerequisites: Target system with COMMAX WebViewer ActiveX Control 2.1.4.5 installed · Ability to deliver malicious input to the ActiveX control (e.g., via a webpage)

MITRE ATT&CK

T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →