CVE-2024-7694

Published: Aug 12, 2024Modified: Feb 18, 2026CISA KEV

7.2

Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.2 / Impact: 5.9

Source: twcert@cert.org.tw (Secondary)

Description

ThreatSonar Anti-Ransomware from TeamT5 does not properly validate the content of uploaded files. Remote attackers with administrator privileges on the product platform can upload malicious files, which can be used to execute arbitrary system command on the server.

Affected (1)

Products: Teamt5: Threatsonar Anti Ransomware

1 product

Threatsonar Anti Ransomware

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Teamt5 Threatsonar Anti Ransomware	Before 3.5.0

Related CWEs

Unrestricted Upload of File with Dangerous Type

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

References (3)

https://www.twcert.org.tw/en/cp-139-8000-e5a5c-2.html

Source: twcert@cert.org.tw

Third Party Advisory

https://www.twcert.org.tw/tw/cp-132-7998-d76dd-1.html

Source: twcert@cert.org.tw

Third Party Advisory

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-7694

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

US Government Resource

Timeline

No history available yet.