CVE-2024-4297 (GCVE-0-2024-4297)
Vulnerability from cvelistv5 – Published: 2024-04-29 02:28 – Updated: 2025-07-14 02:17
VLAI?
Summary
The system configuration interface of HGiga iSherlock (including MailSherlock, SpamSherlock, AuditSherlock) fails to filter special characters in certain function parameters, allowing remote attackers with administrative privileges to exploit this vulnerability to download arbitrary system files.
Severity ?
4.9 (Medium)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| HGiga | iSherlock 4.5 |
Affected:
earlier , < 147
(custom)
|
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:hgiga:isherlock:4.5:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "isherlock",
"vendor": "hgiga",
"versions": [
{
"lessThan": "4.5-147",
"status": "affected",
"version": "4.5",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-4297",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-29T14:46:04.177828Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:53:11.281Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T20:33:53.076Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "https://www.twcert.org.tw/tw/cp-132-7767-ce3b4-1.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"iSherlock-sysinfo-4.5"
],
"product": "iSherlock 4.5",
"vendor": "HGiga",
"versions": [
{
"lessThan": "147",
"status": "affected",
"version": "earlier",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"iSherlock-sysinfo-5.5"
],
"product": "iSherlock 5.5",
"vendor": "HGiga",
"versions": [
{
"lessThan": "147",
"status": "affected",
"version": "earlier",
"versionType": "custom"
}
]
}
],
"datePublic": "2024-04-29T02:20:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The system configuration interface of HGiga iSherlock (including MailSherlock, SpamSherlock, AuditSherlock) fails to filter special characters in certain function parameters, allowing remote attackers with administrative privileges to exploit this vulnerability to download arbitrary system files."
}
],
"value": "The system configuration interface of HGiga iSherlock (including MailSherlock, SpamSherlock, AuditSherlock) fails to filter special characters in certain function parameters, allowing remote attackers with administrative privileges to exploit this vulnerability to download arbitrary system files."
}
],
"impacts": [
{
"capecId": "CAPEC-139",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-139 Relative Path Traversal"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-14T02:17:55.601Z",
"orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
"shortName": "twcert"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://www.twcert.org.tw/tw/cp-132-7767-ce3b4-1.html"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update iSherlock-sysinfo-4.5 to version 147 or later\u003cbr\u003e\n\nUpdate iSherlock-sysinfo-5.5 to version 147 or later\n\n\u003cbr\u003e"
}
],
"value": "Update iSherlock-sysinfo-4.5 to version 147 or later\n\n\nUpdate iSherlock-sysinfo-5.5 to version 147 or later"
}
],
"source": {
"advisory": "TVN-202404008",
"discovery": "EXTERNAL"
},
"title": "HGiga iSherlock - Arbitrary File Download",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
"assignerShortName": "twcert",
"cveId": "CVE-2024-4297",
"datePublished": "2024-04-29T02:28:24.526Z",
"dateReserved": "2024-04-29T01:47:07.589Z",
"dateUpdated": "2025-07-14T02:17:55.601Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"descriptions": "[{\"lang\": \"en\", \"value\": \"The system configuration interface of HGiga iSherlock (including MailSherlock, SpamSherlock, AuditSherlock) fails to filter special characters in certain function parameters, allowing remote attackers with administrative privileges to exploit this vulnerability to download arbitrary system files.\"}, {\"lang\": \"es\", \"value\": \"La interfaz de configuraci\\u00f3n del sistema de HGiga iSherlock (incluidos MailSherlock, SpamSherlock, AuditSherlock) no filtra caracteres especiales en ciertos par\\u00e1metros de funci\\u00f3n, lo que permite a atacantes remotos con privilegios administrativos explotar esta vulnerabilidad para descargar archivos arbitrarios del sistema.\"}]",
"id": "CVE-2024-4297",
"lastModified": "2024-11-21T09:42:34.083",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"twcert@cert.org.tw\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N\", \"baseScore\": 4.9, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 1.2, \"impactScore\": 3.6}]}",
"published": "2024-04-29T03:15:09.613",
"references": "[{\"url\": \"https://www.twcert.org.tw/tw/cp-132-7767-ce3b4-1.html\", \"source\": \"twcert@cert.org.tw\"}, {\"url\": \"https://www.twcert.org.tw/tw/cp-132-7767-ce3b4-1.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "twcert@cert.org.tw",
"vulnStatus": "Awaiting Analysis",
"weaknesses": "[{\"source\": \"twcert@cert.org.tw\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-22\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-4297\",\"sourceIdentifier\":\"twcert@cert.org.tw\",\"published\":\"2024-04-29T03:15:09.613\",\"lastModified\":\"2024-11-21T09:42:34.083\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The system configuration interface of HGiga iSherlock (including MailSherlock, SpamSherlock, AuditSherlock) fails to filter special characters in certain function parameters, allowing remote attackers with administrative privileges to exploit this vulnerability to download arbitrary system files.\"},{\"lang\":\"es\",\"value\":\"La interfaz de configuraci\u00f3n del sistema de HGiga iSherlock (incluidos MailSherlock, SpamSherlock, AuditSherlock) no filtra caracteres especiales en ciertos par\u00e1metros de funci\u00f3n, lo que permite a atacantes remotos con privilegios administrativos explotar esta vulnerabilidad para descargar archivos arbitrarios del sistema.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"twcert@cert.org.tw\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":4.9,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.2,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"twcert@cert.org.tw\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-22\"}]}],\"references\":[{\"url\":\"https://www.twcert.org.tw/tw/cp-132-7767-ce3b4-1.html\",\"source\":\"twcert@cert.org.tw\"},{\"url\":\"https://www.twcert.org.tw/tw/cp-132-7767-ce3b4-1.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.twcert.org.tw/tw/cp-132-7767-ce3b4-1.html\", \"tags\": [\"third-party-advisory\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-01T20:33:53.076Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-4297\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-04-29T14:46:04.177828Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:hgiga:isherlock:4.5:*:*:*:*:*:*:*\"], \"vendor\": \"hgiga\", \"product\": \"isherlock\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.5\", \"lessThan\": \"4.5-147\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-04-29T14:45:18.534Z\"}}], \"cna\": {\"title\": \"HGiga iSherlock - Arbitrary File Download\", \"source\": {\"advisory\": \"TVN-202404008\", \"discovery\": \"EXTERNAL\"}, \"impacts\": [{\"capecId\": \"CAPEC-139\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-139 Relative Path Traversal\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 4.9, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"HIGH\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"HGiga\", \"modules\": [\"iSherlock-sysinfo-4.5\"], \"product\": \"iSherlock 4.5\", \"versions\": [{\"status\": \"affected\", \"version\": \"earlier\", \"lessThan\": \"147\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"HGiga\", \"modules\": [\"iSherlock-sysinfo-5.5\"], \"product\": \"iSherlock 5.5\", \"versions\": [{\"status\": \"affected\", \"version\": \"earlier\", \"lessThan\": \"147\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"Update iSherlock-sysinfo-4.5 to version 147 or later\\n\\n\\nUpdate iSherlock-sysinfo-5.5 to version 147 or later\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Update iSherlock-sysinfo-4.5 to version 147 or later\u003cbr\u003e\\n\\nUpdate iSherlock-sysinfo-5.5 to version 147 or later\\n\\n\u003cbr\u003e\", \"base64\": false}]}], \"datePublic\": \"2024-04-29T02:20:00.000Z\", \"references\": [{\"url\": \"https://www.twcert.org.tw/tw/cp-132-7767-ce3b4-1.html\", \"tags\": [\"third-party-advisory\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"The system configuration interface of HGiga iSherlock (including MailSherlock, SpamSherlock, AuditSherlock) fails to filter special characters in certain function parameters, allowing remote attackers with administrative privileges to exploit this vulnerability to download arbitrary system files.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"The system configuration interface of HGiga iSherlock (including MailSherlock, SpamSherlock, AuditSherlock) fails to filter special characters in certain function parameters, allowing remote attackers with administrative privileges to exploit this vulnerability to download arbitrary system files.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-22\", \"description\": \"CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e\", \"shortName\": \"twcert\", \"dateUpdated\": \"2025-07-14T02:17:55.601Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-4297\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-07-14T02:17:55.601Z\", \"dateReserved\": \"2024-04-29T01:47:07.589Z\", \"assignerOrgId\": \"cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e\", \"datePublished\": \"2024-04-29T02:28:24.526Z\", \"assignerShortName\": \"twcert\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…