PT-2025-42578 · Isherlock · Isherlock

Published 2025-10-17 · Updated 2025-10-22 · CVE-2025-11900

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

HGiga iSherlock version 4.5

Description

The iSherlock software contains an OS Command Injection flaw. This allows unauthenticated remote attackers to inject arbitrary OS commands and execute them on the server. Successful exploitation could lead to full system compromise. The vulnerability grants immediate root-level server access without requiring credentials.

Recommendations

Restrict access to the iSherlock software version 4.5. Monitor the system for suspicious activity. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

OS Command Injection

Weakness Enumeration

Related Identifiers

CVE-2025-11900

Affected Products

Isherlock