Back to KEVs

CVE-2024-7694

TeamT5 ThreatSonar Anti-Ransomware - Arbitrary File Upload

Basic Information

CVE State
PUBLISHED
Reserved Date
August 12, 2024
Published Date
August 12, 2024
Last Updated
February 18, 2026
Vendor
TeamT5
Product
ThreatSonar Anti-Ransomware
Description
ThreatSonar Anti-Ransomware from TeamT5 does not properly validate the content of uploaded files. Remote attackers with administrator privileges on the product platform can upload malicious files, which can be used to execute arbitrary system command on the server.
Tags
cisa

CVSS Scores

CVSS v3.1

7.2 - HIGH

Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

SSVC Information

Exploitation
active
Technical Impact
total

Exploit Status

Exploited in the Wild
Yes (2026-06-01 10:57:09 UTC) Source

References

https://www.twcert.org.tw/tw/cp-132-7998-d76dd-1.html https://www.twcert.org.tw/en/cp-139-8000-e5a5c-2.html

Known Exploited Vulnerability Information

Source Added Date
CVE 2026-06-01 10:57:09 UTC

Timeline

  • CVE ID Reserved

  • CVE Published to Public

  • Added to KEVIntel