CVE-2021-47752

7.5 HIGH

📋 TL;DR

CVE-2021-47752 is a denial of service vulnerability in AWebServer GhostBuilding 18 that allows remote attackers to crash or render the server unresponsive by sending multiple concurrent HTTP requests. This affects systems running the vulnerable version of AWebServer GhostBuilding, particularly those exposed to untrusted networks.

💻 Affected Systems

Products:
  • AWebServer GhostBuilding
Versions: Version 18
Operating Systems: Android (based on Google Play Store reference)
Default Config Vulnerable: ⚠️ Yes
Notes: The vulnerability affects the default configuration when exposed to network traffic. The /mysqladmin endpoint is specifically mentioned but other endpoints may also be vulnerable.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete service outage with server crash requiring manual restart, potentially leading to extended downtime and business disruption.

🟠 Likely Case

Service degradation or temporary unresponsiveness affecting legitimate users until attack traffic subsides.

🟢 If Mitigated

Minimal impact with proper rate limiting and monitoring in place to detect and block attack traffic.

🌐 Internet-Facing: HIGH - Remote attackers can exploit this without authentication from anywhere on the internet.
🏢 Internal Only: MEDIUM - Internal attackers could still cause disruption but with more limited scope.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: CONFIRMED
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploit code is publicly available on Exploit-DB (ID 50629), making this easily weaponizable by attackers with basic skills.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: http://sylkat-tools.rf.gd/awebserver.htm

Restart Required: No

Instructions:

No official patch identified. Check vendor website for updates and consider upgrading to a newer version if available.

🔧 Temporary Workarounds

Implement Rate Limiting (applies to: all)

Configure network devices or web application firewalls to limit concurrent connections and request rates per IP address.

Restrict Access (applies to: all)

Limit server exposure by placing behind firewall rules that restrict access to trusted IP addresses only.

🧯 If You Can't Patch

  • Deploy a reverse proxy with DoS protection capabilities (like nginx with rate limiting or Cloudflare)
  • Monitor server performance metrics and set alerts for abnormal request patterns or resource exhaustion

🔍 How to Verify

Check if Vulnerable:

Check if running AWebServer GhostBuilding version 18. Review application logs for patterns of high concurrent requests from single sources.

Check Version:

Check application settings or about page within the AWebServer GhostBuilding app interface.

Verify Fix Applied:

Test with controlled concurrent request bursts to verify service remains responsive. Monitor for crash events.

📡 Detection & Monitoring

Log Indicators:

  • Sudden spikes in concurrent connections
  • Multiple rapid requests to /mysqladmin or other endpoints
  • Server crash or restart logs

Network Indicators:

  • High volume of HTTP requests from single IPs
  • Abnormal request patterns with concurrent connections exceeding normal baseline

SIEM Query:

source="webserver_logs" | stats count by src_ip, uri | where count > 1000 | sort -count
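The SIEM query above aggregates request counts by source IP and URI; the Python below, added here as an example and not part of this advisory or of the AWebServer product, applies the same per-source, per-URI aggregation over a sliding time window to constructed access-log lines, so that a burst against /mysqladmin stands out while normal browsing does not. The log format (Apache/nginx combined), the window length and the threshold are assumptions to tune against your own baseline.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta, timezone

# Leading fields of an Apache/nginx "combined" access-log line.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<uri>\S+) [^"]*" (?P<status>\d{3})'
)
TS_FMT = "%d/%b/%Y:%H:%M:%S %z"

def parse_line(line):
    """Return {ip, ts, uri, status} for one log line, or None if it does not parse."""
    m = LOG_RE.match(line)
    if m is None:
        return None
    return {"ip": m["ip"], "ts": datetime.strptime(m["ts"], TS_FMT),
            "uri": m["uri"], "status": int(m["status"])}

def find_bursts(lines, window_seconds=10, threshold=20):
    """Return {(src_ip, uri): peak_count} for pairs exceeding `threshold` requests
    inside any sliding window of `window_seconds` (lines in log order per source)."""
    windows = defaultdict(deque)
    peaks = {}
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue  # skip malformed lines rather than abort the scan
        key = (rec["ip"], rec["uri"])
        q = windows[key]
        q.append(rec["ts"])
        while (rec["ts"] - q[0]).total_seconds() > window_seconds:
            q.popleft()  # drop requests that fell out of the window
        if len(q) > threshold:
            peaks[key] = max(peaks.get(key, 0), len(q))
    return peaks

def build_sample_log():
    """Constructed traffic (not real logs): one client browsing normally and one
    source sending 30 requests to /mysqladmin within three seconds."""
    base = datetime(2022, 1, 10, 14, 0, 0, tzinfo=timezone.utc)
    fmt = '{ip} - - [{ts}] "GET {uri} HTTP/1.1" 200 512'
    lines = [fmt.format(ip="203.0.113.7", uri="/index.html",
                        ts=(base + timedelta(seconds=2 * i)).strftime(TS_FMT)) for i in range(5)]
    lines += [fmt.format(ip="198.51.100.9", uri="/mysqladmin",
                         ts=(base + timedelta(milliseconds=100 * i)).strftime(TS_FMT)) for i in range(30)]
    return lines

if __name__ == "__main__":
    for (ip, uri), peak in find_bursts(build_sample_log()).items():
        print(f"burst: {ip} -> {uri}, peak {peak} requests inside a 10s window")
```

Feed it a real access log (one line per request, in write order) and raise the threshold until your own busiest legitimate client no longer trips it; what remains is the pattern the rate-limiting workaround above is meant to block.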
