CVE-2021-47772

CRITICAL

10-Strike Network Inventory Explorer Pro 9.31 - Remote Code Execution via Text File Import

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2021-47772. PoCs published by ro0k.

AI-analyzed exploit summary This exploit leverages a buffer overflow vulnerability in 10-Strike Network Inventory Explorer Pro 9.31 via a crafted text file, bypassing SEH to execute a reverse shell payload. The PoC includes a structured buffer with SEH overwrite and shellcode generated by msfvenom.

Description

10-Strike Network Inventory Explorer Pro 9.31 contains a buffer overflow vulnerability in the text file import functionality that allows remote code execution. Attackers can craft a malicious text file with carefully constructed payload to trigger a reverse shell and execute arbitrary code on the target system.

Exploits (1)

exploitdb WORKING POC
by ro0k · pythonlocalwindows
https://www.exploit-db.com/exploits/50472

This exploit leverages a buffer overflow vulnerability in 10-Strike Network Inventory Explorer Pro 9.31 via a crafted text file, bypassing SEH to execute a reverse shell payload. The PoC includes a structured buffer with SEH overwrite and shellcode generated by msfvenom.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: 10-Strike Network Inventory Explorer Pro 9.31
No auth needed
Prerequisites: Network access to target · Ability to transfer malicious file · Netcat listener for reverse shell
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2
Core References
Exploit, Third Party Advisory exploit
https://www.exploit-db.com/exploits/50472
Product product
https://www.10-strike.com/

Scores

CVSS v3 9.8
EPSS 0.0065
EPSS Percentile 46.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact total

Details

CWE
CWE-787
Status published
Products (1)
10-strike/network_inventory_explorer 9.31
Published Jan 15, 2026
Tracked Since Feb 18, 2026