CVE-2024-34471 is a path traversal vulnerability identified in HSC Mailinspector version 5.2.17-3, affecting the mliRealtimeEmails.php script. The vulnerability arises from improper validation of the 'filename' parameter within the export HTML functionality, which allows an attacker to specify arbitrary file paths. This lack of sanitization enables an attacker to read and delete arbitrary files on the server filesystem. The vulnerability was demonstrated by reading and deleting the mliRealtimeEmails.php file itself, resulting in a 404 error and disruption of email data loading. The attack vector requires network access and limited privileges (PR:L), but no user interaction is needed. The vulnerability impacts the integrity and availability of the system by allowing unauthorized file deletion, potentially causing denial of service or data loss. The CVSS v3.1 base score is 5.4, reflecting medium severity with network attack vector, low attack complexity, and no confidentiality impact. No known public exploits or patches have been reported as of the publication date. The underlying weakness corresponds to CWE-22 (Improper Limitation of a Pathname to a Restricted Directory).

The vulnerability allows attackers with limited privileges to delete arbitrary files on the server, which can disrupt the normal operation of HSC Mailinspector, including loss of critical email data and denial of service. This can impact business continuity for organizations relying on Mailinspector for email monitoring and security. While confidentiality is not directly affected, the integrity and availability of the system are compromised. Deletion of key application files can cause service outages and require manual recovery or reinstallation. Organizations with sensitive or critical email infrastructure using this software version face operational risks and potential data loss. The lack of public exploits reduces immediate risk, but the vulnerability could be weaponized by insiders or attackers who gain limited access.

1. Immediately restrict file system permissions for the HSC Mailinspector application to prevent unauthorized file deletions by limiting the web server user’s write and delete permissions to only necessary directories. 2. Implement strict input validation and sanitization on the 'filename' parameter in the export HTML functionality to prevent path traversal sequences such as '../'. 3. Monitor and audit file access and deletion events related to the Mailinspector application to detect suspicious activity early. 4. If possible, isolate the Mailinspector server in a segmented network zone to reduce exposure. 5. Regularly back up critical application files and email data to enable quick recovery in case of file deletion. 6. Engage with the vendor or community to obtain patches or updates addressing this vulnerability as soon as they become available. 7. Consider deploying web application firewalls (WAFs) with rules to detect and block path traversal attempts targeting the vulnerable endpoint.