High severity7.2NVD Advisory· Published Apr 29, 2024· Updated Jun 17, 2026
CVE-2024-4299
CVE-2024-4299
Description
The system configuration interface of HGiga iSherlock (including MailSherlock, SpamSherock, AuditSherlock) fails to filter special characters in certain function parameters, allowing remote attackers with administrative privileges to exploit this vulnerability for Command Injection attacks, enabling execution of arbitrary system commands.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3Patches
Vulnerability mechanics
References
3- www.chtsecurity.com/news/4559fabd-43d1-4324-a0b3-f459a05c2290nvdThird Party Advisory
- www.chtsecurity.com/news/f67fd9b5-cb7a-42e4-bcb7-cc1c73d1f851nvdThird Party Advisory
- www.twcert.org.tw/tw/cp-132-7771-36c50-1.htmlnvdThird Party Advisory
News mentions
0No linked articles in our index yet.