CVE-2025-7451
BaseFortify
Publication date: 2025-07-14
Last updated on: 2025-07-15
Assigner: TWCERT/CC
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| hgiga | isherlock | 4.5 |
| hgiga | isherlock-maillog | * |
| hgiga | isherlock | 5.5 |
| hgiga | isherlock-base | * |
| hgiga | isherlock-smtp | * |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-78 | The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-7451 is a critical OS Command Injection vulnerability in Hgiga's iSherlock product suite, including MailSherlock, SpamSherlock, and AuditSherlock versions 4.5 and 5.5. It allows unauthenticated remote attackers to inject and execute arbitrary operating system commands on the server hosting iSherlock. This means attackers can run any command on the affected server without needing to log in or have privileges, potentially taking full control of the system. [1, 2]
How can this vulnerability impact me?
This vulnerability can have severe impacts including unauthorized remote code execution on the affected servers, leading to full system compromise. Attackers can execute arbitrary OS commands, potentially stealing data, disrupting services, installing malware, or using the server as a launchpad for further attacks. Since the vulnerability is exploitable without authentication and has been actively exploited in the wild, it poses a high risk to affected systems. [1, 2]
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, immediately update iSherlock-maillog to version 137 or later and iSherlock-smtp to version 732 or later for both 4.5 and 5.5 versions of the product. This will address the OS Command Injection vulnerability and prevent unauthenticated remote attackers from injecting and executing arbitrary OS commands on the server. [1, 2]