RarmaRadio 2.72.8 - Denial of Service | Advisories

Advisories

RarmaRadio 2.72.8 - Denial of Service

severity: medium
date: January 16, 2026
Affecting: RarmaRadio 2.75.8
CVE: CVE-2021-47821
CWE: CWE-1284 Improper Validation of Specified Quantity in Input
CVSS: 4.6
CVSS V4 Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
References: ExploitDB-49906
Vendor Homepage
Credit: Ismael Nava
Description: RarmaRadio 2.72.8 contains a denial of service vulnerability that allows attackers to crash the application by overflowing network configuration fields with large character buffers. Attackers can generate a 100,000 character buffer and paste it into multiple network settings fields to trigger application instability and potential crash.