CVE-2024-7694

HIGHCISA KEV

7.2

Descripcion

ThreatSonar Anti-Ransomware from TeamT5 does not properly validate the content of uploaded files. Remote attackers with administrator privileges on the product platform can upload malicious files, which can be used to execute arbitrary system command on the server.

Detalles CVE

Puntuacion CVSS v3.17.2

SeveridadHIGH

Vector CVSSCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Vector de ataqueNETWORK

ComplejidadLOW

Privilegios requeridosHIGH

Interaccion usuarioNONE

Publicado8/12/2024

Ultima modificacion2/18/2026

Fuentekev

Avistamientos honeypot0

CISA KEV

VendedorTeamT5

ProductoThreatSonar Anti-Ransomware

Nombre vulnerabilidadTeamT5 ThreatSonar Anti-Ransomware Unrestricted Upload of File with Dangerous Type Vulnerability

Fecha inclusion KEV2026-02-17

Fecha limite remediacion2026-03-10

Uso en ransomwareUnknown

Productos afectados

teamt5:threatsonar_anti-ransomware

Debilidades (CWE)

CWE-434

Referencias

https://www.twcert.org.tw/en/cp-139-8000-e5a5c-2.html(twcert@cert.org.tw)

https://www.twcert.org.tw/tw/cp-132-7998-d76dd-1.html(twcert@cert.org.tw)

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-7694(134c704f-9b21-4f2e-91b3-4a467353bcc0)

Correlaciones IOC

Sin correlaciones registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.