CVE-2021-47827

HIGH

WebSSH for iOS <14.16.10 - DoS

Title source: llm

Description

WebSSH for iOS 14.16.10 contains a denial of service vulnerability in the mashREPL tool that allows attackers to crash the application by pasting malformed input. Attackers can trigger the vulnerability by copying a 300-character buffer of repeated 'A' characters into the mashREPL input field, causing the application to crash.

Exploits (1)

exploitdb WORKING POC

by Luis Martínez · pythondosios

https://www.exploit-db.com/exploits/49883

View Code ZIP pw:eip

References (3)

[Various Sources] https://apps.apple.com/mx/app/webssh-ssh-client/id497714887

[Third Party Advisory] https://www.vulncheck.com/advisories/webssh-for-ios-mashrepl-denial-of-service

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/49883

Scores

CVSS v3 7.5

EPSS 0.0001

EPSS Percentile 2.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Classification

CWE

CWE-1284

Status draft

Timeline

Published Jan 16, 2026

Tracked Since Feb 18, 2026