CVE-2026-29963
Path Traversal in HSC MailInspector 5.3.3-7
Publication date: 2026-05-18
Last updated on: 2026-05-19
Assigner: MITRE
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| hsclabs | mailinspector | 5.3.3-7 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-22 | The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
The vulnerability in HSC MailInspector 5.3.3-7 is a Path Traversal issue caused by improper validation of user input in the /tap/dw.php endpoint. Specifically, the 'text' parameter is used to build file paths without proper normalization or restrictions, allowing an attacker to manipulate the path and access files outside the intended directory.
How can this vulnerability impact me? :
This vulnerability can allow a remote attacker to access arbitrary files on the underlying operating system. As a result, sensitive information stored on the system could be disclosed without authorization, potentially leading to data breaches or exposure of confidential data.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
This vulnerability allows a remote attacker to access arbitrary files on the underlying operating system, leading to unauthorized disclosure of sensitive information.
Such unauthorized disclosure of sensitive information can negatively impact compliance with common standards and regulations like GDPR and HIPAA, which require protection of personal and sensitive data.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
The vulnerability involves a Path Traversal issue in the /tap/dw.php endpoint where the 'text' parameter is improperly validated. Detection can focus on monitoring HTTP requests to this endpoint for suspicious usage of directory traversal patterns such as '../' sequences.
- Use network monitoring tools or web server logs to search for requests containing '/tap/dw.php' with parameters including '../' or other traversal strings.
- Example command to search web server logs for suspicious requests (assuming Apache logs):
grep "/tap/dw.php" /var/log/apache2/access.log | grep "\.\./"
- Use intrusion detection systems (IDS) or web application firewalls (WAF) to alert on path traversal patterns targeting the vulnerable endpoint.
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting access to the vulnerable endpoint, applying input validation, and updating or patching the affected software.
- Block or restrict access to the /tap/dw.php endpoint at the network or web server level until a patch is applied.
- Implement input validation or sanitization to prevent directory traversal sequences in the 'text' parameter.
- Check for and apply any available patches or updates from the vendor (HSC Labs) for MailInspector.
- Monitor logs for exploitation attempts and respond accordingly.