CVE-2021-46518

7.8 HIGH

📋 TL;DR

CVE-2021-46518 is a heap buffer overflow in the Cesanta MJS JavaScript engine, reached through the mjs_disown function in the engine's core when a crafted script is executed. It affects any firmware or application that embeds MJS v2.20.0 to run JavaScript. The public report demonstrates a crash (denial of service); arbitrary code execution is the theoretical worst case for a heap overflow and has not been shown.

💻 Affected Systems

Products:
  • Cesanta MJS
Versions: 2.20.0 (the release the report was filed against)
Operating Systems: All platforms on which MJS is built; it is a C library compiled into the host application or firmware
Default Config Vulnerable: ⚠️ Yes
Notes: The report names 2.20.0, which was the current release at the time. The advisory does not state whether earlier releases share the bug, so treat any build that carries the same mjs_disown code as suspect until you have compared it against the fix. MJS is normally vendored as mjs.c/mjs.h rather than installed from a package manager, so each consuming project has to be checked individually.

📦 What is this software?

Cesanta MJS is a small JavaScript interpreter written in C and aimed at microcontroller firmware (it is the scripting engine used by Mongoose OS). It is distributed as source and linked into a host program, so the "MJS process" is whatever application or firmware image embeds it.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution leading to complete device compromise, data theft, or a persistent backdoor, if the overflow turns out to be controllable and the device accepts scripts from untrusted sources.

🟠

Likely Case

Crash of the process or firmware that embeds MJS, causing denial of service; on an embedded device this typically shows up as a watchdog reset or reboot loop.

🟢

If Mitigated

The crash is confined to an isolated interpreter process or task, the host restarts it, and the only effect is the loss of that one script run.

🌐 Internet-Facing: MEDIUM - Only reachable if the device accepts JavaScript from the network (scripts uploaded through a web UI, API, or update channel); the attacker then needs a script that drives the engine into the faulting path.
🏢 Internal Only: LOW - In the usual deployment scripts ship with the firmware, so triggering the bug requires local access or an existing way to push scripts to the device.

🎯 Exploit Status

Public PoC: ⚠️ Yes (crash reproducer in the GitHub issue)
Weaponized: No evidence; the public material is a fuzzer-found crash, not a code-execution exploit
Unauthenticated Exploit: No - the attacker must already be able to feed a script to the engine
Complexity: MEDIUM

Exploitation requires the ability to supply a crafted script to the MJS engine; the engine itself reaches mjs_disown while executing it, so the attacker does not call that function directly. The public proof-of-concept demonstrates a crash, not code execution.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2.20.1 or later, per this page. Because MJS is distributed as source and usually vendored, confirm that the tag or commit you build from actually contains the fix referenced in the GitHub issue below rather than relying on the version string alone.

Vendor Advisory: https://github.com/cesanta/mjs/issues/195

Restart Required: Yes (the library is compiled into the host binary, so the host must be rebuilt and restarted or the firmware reflashed)

Instructions:

1. Update the vendored MJS sources (mjs.c/mjs.h) to a version that includes the fix.
2. Rebuild every application or firmware image that links MJS.
3. Restart the affected services or reflash and reboot the affected devices.

🔧 Temporary Workarounds

Do not run untrusted scripts

all

Only execute scripts that ship with the firmware or arrive over an authenticated, integrity-checked channel. Removing your own mjs_own/mjs_disown calls does not help: the public crash is produced simply by running a crafted script, so the interpreter itself reaches mjs_disown.

# Review every path by which a script can reach mjs_exec() and close the ones that accept external input

Isolate the interpreter

all

Run the engine in its own process or RTOS task with memory and time limits and a watchdog, so that a fault in the engine is contained and the host recovers. "Sanitizing" arbitrary JavaScript is not a reliable defence against a memory-safety bug inside the interpreter; limit who can submit scripts and how large they may be instead.

# Wrap the script run in a separate process/task and treat any crash or timeout of that unit as a security event

🧯 If You Can't Patch

  • Isolate affected devices in network segments with strict access controls, and remove any network-reachable way of uploading or editing scripts
  • Where scripts must be accepted remotely, require authentication, cap script size, and run the engine in a sandboxed process or task with a watchdog so a crash cannot take down the whole device
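The "If Mitigated" outcome above depends on the interpreter running in a unit that can crash without taking the host with it. The following is an added example (not code from the MJS project or from the issue) of such a containment wrapper on a POSIX host: the untrusted script runs in a forked child under address-space and CPU limits with a wall-clock alarm, and the parent classifies the outcome. The `script_fn` callback stands in for the engine; in a real build it would wrap `mjs_exec()` from the vendored MJS. The three worker functions are constructed stand-ins (one returns cleanly, one faults the way a crafted script would, one never returns) so the file compiles and runs without an MJS checkout. On a bare-metal MCU there is no fork(); the equivalent is a dedicated RTOS task with its own stack, an MPU region and a watchdog.

```c
/* Added example: contain an untrusted-script interpreter in a child process
 * so that a memory-safety bug in the engine becomes a reportable crash.
 * Not MJS project code; the engine is abstracted as a script_fn callback. */
#ifndef _GNU_SOURCE
#define _GNU_SOURCE 1
#endif
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/resource.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Worker that actually runs a script; returns 0 on success. In a real
 * build this would call mjs_exec() on the vendored engine (assumption). */
typedef int (*script_fn)(const char *src);

enum run_result {
    RUN_OK,           /* script ran and returned 0 */
    RUN_SCRIPT_ERROR, /* script ran and returned non-zero */
    RUN_CRASHED,      /* child died from a fault signal (SIGSEGV, SIGABRT, ...) */
    RUN_TIMEOUT,      /* child exceeded the wall-clock or CPU budget */
    RUN_SPAWN_FAILED  /* fork()/waitpid() failed; nothing ran */
};

struct run_report {
    enum run_result result;
    int signal;    /* terminating signal for RUN_CRASHED / RUN_TIMEOUT */
    int exit_code; /* child exit status for RUN_OK / RUN_SCRIPT_ERROR */
};

#define DEFAULT_MEM_BYTES ((size_t)256 << 20)

/* Run fn(src) in a child limited to mem_bytes of address space and
 * timeout_s seconds of both wall-clock and CPU time. The parent never
 * executes the script, so a fault in the child cannot corrupt it. */
struct run_report run_isolated(script_fn fn, const char *src,
                               unsigned timeout_s, size_t mem_bytes)
{
    struct run_report rep = { RUN_SPAWN_FAILED, 0, 0 };
    pid_t pid = fork();
    if (pid < 0)
        return rep;

    if (pid == 0) {
        /* Reset dispositions so an inherited handler cannot swallow the
         * fault: the parent must observe the real terminating signal. */
        signal(SIGSEGV, SIG_DFL);
        signal(SIGBUS, SIG_DFL);
        signal(SIGABRT, SIG_DFL);
        signal(SIGALRM, SIG_DFL);
        signal(SIGXCPU, SIG_DFL);

        struct rlimit mem = { mem_bytes, mem_bytes };
        struct rlimit cpu = { timeout_s, timeout_s };
        setrlimit(RLIMIT_AS, &mem);  /* runaway allocation -> malloc fails */
        setrlimit(RLIMIT_CPU, &cpu); /* CPU-bound loop -> SIGXCPU */
        alarm(timeout_s);            /* blocked or idle hang -> SIGALRM */

        _exit(fn(src) == 0 ? 0 : 1);
    }

    int status = 0;
    if (waitpid(pid, &status, 0) < 0)
        return rep;

    if (WIFEXITED(status)) {
        rep.exit_code = WEXITSTATUS(status);
        rep.result = rep.exit_code == 0 ? RUN_OK : RUN_SCRIPT_ERROR;
    } else if (WIFSIGNALED(status)) {
        rep.signal = WTERMSIG(status);
        rep.result = (rep.signal == SIGALRM || rep.signal == SIGXCPU)
                         ? RUN_TIMEOUT : RUN_CRASHED;
    }
    return rep;
}

/* Constructed stand-ins for the engine, so the harness runs without MJS. */
static int good_script(const char *src) { (void)src; return 0; }
/* Models the CVE outcome: the engine faults while running a crafted script. */
static int crashing_script(const char *src) { (void)src; raise(SIGSEGV); return 1; }
/* Models a script that never returns. */
static int hanging_script(const char *src)
{
    (void)src;
    volatile int spin = 1;
    while (spin) { }
    return 0;
}

static const char *describe(const struct run_report *r)
{
    switch (r->result) {
    case RUN_OK:           return "ok";
    case RUN_SCRIPT_ERROR: return "script error";
    case RUN_CRASHED:      return "crashed";
    case RUN_TIMEOUT:      return "timeout";
    default:               return "spawn failed";
    }
}

int main(void)
{
    struct run_report r;
    r = run_isolated(good_script, "let x = 1;", 2, DEFAULT_MEM_BYTES);
    printf("benign script:  %s\n", describe(&r));
    r = run_isolated(crashing_script, "<crafted script>", 2, DEFAULT_MEM_BYTES);
    printf("crafted script: %s (signal %d)\n", describe(&r), r.signal);
    r = run_isolated(hanging_script, "while (1) {}", 1, DEFAULT_MEM_BYTES);
    printf("hanging script: %s (signal %d)\n", describe(&r), r.signal);
    return 0;
}
```

The parent should log every RUN_CRASHED and RUN_TIMEOUT result together with the script's origin; a crafted script hitting this bug shows up as a SIGSEGV in the child rather than as a crash of the host, which is exactly the signal the detection section below looks for.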

🔍 How to Verify

Check if Vulnerable:

Check whether any application or firmware image in your estate links MJS 2.20.0. MJS is vendored as source (mjs.c and mjs.h), so look for those files in each project rather than in a package manager.

Check Version:

grep -rn '#define MJS_VERSION' /path/to/project/ --include=mjs.h

Verify Fix Applied:

Confirm the version macro no longer reads 2.20.0 and that the fix referenced in the GitHub issue is present in the vendored sources, then rebuild with AddressSanitizer (-fsanitize=address) and run the crash reproducer from the issue against the rebuilt binary: it must exit cleanly with no sanitizer report.

📡 Detection & Monitoring

Log Indicators:

  • Segmentation faults or sanitizer reports in the process that embeds MJS (there is no separate "mjs" process; watch the host application's name)
  • On embedded devices, watchdog resets, reboot loops, or repeated unexpected restarts shortly after a script is loaded
  • Repeated crashes correlated with the same script or the same uploader

Network Indicators:

  • Script uploads or API calls carrying unusual JavaScript to devices that embed MJS
  • Many small, varied script submissions in a short period, consistent with fuzzing

SIEM Query:

The query below is illustrative and uses ECS-style field names; replace the process name with the host application that links MJS and map the fields to your own schema.

process.name:"<host-app-that-links-mjs>" AND (event.action:"segmentation_fault" OR message:"signal 11")

🔗 References

  • https://github.com/cesanta/mjs/issues/195