CVE-2021-47891

CRITICAL

Unified Remote 3.9.0.2463 - RCE

Title source: llm

Description

Unified Remote 3.9.0.2463 contains a remote code execution vulnerability that allows attackers to send crafted network packets to execute arbitrary commands. Attackers can exploit the service by connecting to port 9512 and sending specially crafted packets to open a command prompt and download and execute malicious payloads.

Exploits (1)

exploitdb WORKING POC VERIFIED

by H4rk3nz0 · pythonremotewindows

https://www.exploit-db.com/exploits/49587

View Code ZIP pw:eip

References (4)

[Various Sources] https://www.unifiedremote.com/

[Various Sources] https://www.unifiedremote.com/download

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/49587

[Third Party Advisory] https://www.vulncheck.com/advisories/unified-remote-remote-code-execution

Scores

CVSS v3 9.8

EPSS 0.0025

EPSS Percentile 48.1%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-306

Status published

Products (1)

Unified Intents AB/Unified Remote 3.9.0.2463

Published Jan 23, 2026

Tracked Since Feb 18, 2026