VYPR
High severity7.2NVD Advisory· Published Apr 29, 2024· Updated Jun 17, 2026

CVE-2024-4299

CVE-2024-4299

Description

The system configuration interface of HGiga iSherlock (including MailSherlock, SpamSherock, AuditSherlock) fails to filter special characters in certain function parameters, allowing remote attackers with administrative privileges to exploit this vulnerability for Command Injection attacks, enabling execution of arbitrary system commands.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • Hgiga/iSherlockllm-fuzzy3 versions
    (expand)+ 2 more
    • (no CPE)
    • (no CPE)range: earlier
    • (no CPE)range: earlier

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.