CVE-2021-47759

MEDIUM

MTPutty 1.0.1.21 - Sensitive Information Disclosure via PowerShell Process Listing

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2021-47759. PoCs published by Sedat Ozdemir.

AI-analyzed exploit summary This exploit demonstrates an information disclosure vulnerability in MTPutty 1.0.1.21 where SSH passwords are exposed in the command line arguments of the process, retrievable via PowerShell.

Description

MTPutty 1.0.1.21 contains a sensitive information disclosure vulnerability that allows local attackers to view SSH connection passwords through Windows PowerShell process listing. Attackers can run a PowerShell command to retrieve the full command line of MTPutty processes, exposing plaintext SSH credentials.

Exploits (1)

exploitdb WORKING POC

by Sedat Ozdemir · textlocalwindows

https://www.exploit-db.com/exploits/50574

View Code ZIP pw:eip

This exploit demonstrates an information disclosure vulnerability in MTPutty 1.0.1.21 where SSH passwords are exposed in the command line arguments of the process, retrievable via PowerShell.

Classification

Working Poc 90%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: MTPutty 1.0.1.21

No auth needed

Prerequisites: Access to the system where MTPutty is running · Ability to execute PowerShell commands

MITRE ATT&CK

T1552.001 - Credentials In Files

devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (2)

Core 2

Core References

Exploit, Third Party Advisory exploit

https://www.exploit-db.com/exploits/50574

Various Sources product

https://ttyplus.com/multi-tabbed-putty/

Scores

CVSS v3 6.2

EPSS 0.0010

EPSS Percentile 0.9%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact partial

Details

CWE

CWE-522

Status published

Published Jan 15, 2026

Tracked Since Feb 18, 2026