Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
10.0
iSherlock by HGiga Allows Unauthenticated Attackers to Execute Commands
CVE-2026-6349
Summary
The iSherlock software by HGiga has a security flaw that lets attackers with no login access inject malicious commands and run them on the server. This could be exploited by hackers to gain control of the server or disrupt its operation. Users should update or patch the software to fix this issue and prevent unauthorized access.
Original title
The
iSherlock developed by HGiga has an OS Command Injection vulnerability, allowing unauthenticated local attackers to inject arbitrary OS commands and execute them on the server.
Original description
The
iSherlock developed by HGiga has an OS Command Injection vulnerability, allowing unauthenticated local attackers to inject arbitrary OS commands and execute them on the server.
iSherlock developed by HGiga has an OS Command Injection vulnerability, allowing unauthenticated local attackers to inject arbitrary OS commands and execute them on the server.
nvd CVSS4.0
10.0
Vulnerability type
CWE-78
OS Command Injection
Published: 16 Apr 2026 · Updated: 16 Apr 2026 · First seen: 16 Apr 2026