CVE-2024-7694

HIGHCISA KEV

7.2

Beschreibung

ThreatSonar Anti-Ransomware from TeamT5 does not properly validate the content of uploaded files. Remote attackers with administrator privileges on the product platform can upload malicious files, which can be used to execute arbitrary system command on the server.

CVE Details

CVSS v3.1 Bewertung7.2

SchweregradHIGH

CVSS VektorCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

AngriffsvektorNETWORK

KomplexitatLOW

Erforderliche PrivilegienHIGH

BenutzerinteraktionNONE

Veroffentlicht8/12/2024

Zuletzt geandert2/18/2026

Quellekev

Honeypot-Sichtungen0

CISA KEV

HerstellerTeamT5

ProduktThreatSonar Anti-Ransomware

SchwachstellennameTeamT5 ThreatSonar Anti-Ransomware Unrestricted Upload of File with Dangerous Type Vulnerability

KEV Aufnahmedatum2026-02-17

Behebungsfrist2026-03-10

Ransomware-NutzungUnknown

Betroffene Produkte

teamt5:threatsonar_anti-ransomware

Schwachen (CWE)

CWE-434

Referenzen

https://www.twcert.org.tw/en/cp-139-8000-e5a5c-2.html(twcert@cert.org.tw)

https://www.twcert.org.tw/tw/cp-132-7998-d76dd-1.html(twcert@cert.org.tw)

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-7694(134c704f-9b21-4f2e-91b3-4a467353bcc0)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.