Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
6DescriptionCVE.org
The iSherlock developed by Hgiga has an OS Command Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the server. This vulnerability has already been exploited. Please update immediately.
AnalysisAI
CVE-2025-7451 is a critical OS Command Injection vulnerability in iSherlock (developed by Hgiga) that allows unauthenticated remote attackers to execute arbitrary operating system commands on vulnerable servers with no authentication required. The vulnerability has active in-the-wild exploitation, carries a maximum CVSS score of 9.8, and poses immediate risk to all exposed instances. Organizations running iSherlock must apply patches immediately.
Technical ContextAI
This vulnerability exploits improper input validation in iSherlock's command processing functionality, classified under CWE-78 (Improper Neutralization of Special Elements used in an OS Command). The root cause stems from insufficient sanitization of user-supplied input before passing it to OS command execution functions. iSherlock, developed by Hgiga, appears to be a security or monitoring application that processes user commands; the lack of proper escaping or parameterized execution allows attackers to inject shell metacharacters and arbitrary commands. This is a classic OS command injection flaw where user input is directly concatenated into system calls without proper validation, filtering, or use of safe APIs that would prevent command interpretation.
RemediationAI
- Immediate Actions: Isolate or remove iSherlock from network exposure until patched; block external access via firewall rules; implement network-level IDS/IPS signatures for CVE-2025-7451 exploitation attempts. 2. Patch Availability: Contact Hgiga directly for patch availability and version-specific updates (specific patch versions not provided in available references; vendor advisory must be obtained from Hgiga's official security channel). 3. Workarounds: If patching is delayed, implement strict input validation/WAF rules to block OS command metacharacters (|, &, ;, $, `, >, <, \n, etc.) in all user inputs; run iSherlock with minimal OS privileges; use OS-level command execution restrictions (e.g., seccomp, AppArmor, SELinux) to limit damage. 4. Detection: Hunt for exploitation indicators in logs—unusual command execution patterns, unexpected process spawning, or HTTP/API requests containing shell metacharacters.
Same weakness CWE-78 – OS Command Injection
View allSame technique Command Injection
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2025-21302