VYPR
Medium severity4.9NVD Advisory· Published Apr 29, 2024· Updated Jun 17, 2026

CVE-2024-4297

CVE-2024-4297

Description

The system configuration interface of HGiga iSherlock (including MailSherlock, SpamSherlock, AuditSherlock) fails to filter special characters in certain function parameters, allowing remote attackers with administrative privileges to exploit this vulnerability to download arbitrary system files.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • Hgiga/iSherlockllm-fuzzy3 versions
    (expand)+ 2 more
    • (no CPE)
    • (no CPE)range: earlier
    • (no CPE)range: earlier

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.