Description

COMMAX UMS Client ActiveX Control 1.7.0.2 contains a heap-based buffer overflow vulnerability that allows attackers to execute arbitrary code by providing excessively long string arrays through multiple functions. Attackers can exploit improper boundary validation in CNC_Ctrl.dll to cause heap corruption and potentially gain system-level access.

INFO

Published Date :

2025-12-09T20:37:31.265Z

Last Modified :

2025-12-10T15:42:14.422Z

Source :

VulnCheck
AFFECTED PRODUCTS

The following products are affected by CVE-2021-47705 vulnerability.

Vendors Products
Commax
  • Ums Client Activex Control
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2021-47705.

URL Resource
https://www.commax.com cve-icon cve-icon
https://www.exploit-db.com/exploits/50232 cve-icon cve-icon
https://www.vulncheck.com/advisories/commax-ums-client-activex-control-cnc-ctrl-dll-heap-buffer-overflow cve-icon cve-icon
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5664.php cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Attack Requirements
Privileges Required
User Interaction
VS Confidentiality
VS Integrity
VS Availability
SS Confidentiality
SS Integrity
SS Availability