CVE-2024-7694

HIGHCISA KEV

7.2

Descricao

ThreatSonar Anti-Ransomware from TeamT5 does not properly validate the content of uploaded files. Remote attackers with administrator privileges on the product platform can upload malicious files, which can be used to execute arbitrary system command on the server.

Detalhes CVE

Pontuacao CVSS v3.17.2

SeveridadeHIGH

Vetor CVSSCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Vetor de ataqueNETWORK

ComplexidadeLOW

Privilegios necessariosHIGH

Interacao do usuarioNONE

Publicado8/12/2024

Ultima modificacao2/18/2026

Fontekev

Avistamentos honeypot0

CISA KEV

FornecedorTeamT5

ProdutoThreatSonar Anti-Ransomware

Nome da vulnerabilidadeTeamT5 ThreatSonar Anti-Ransomware Unrestricted Upload of File with Dangerous Type Vulnerability

Data inclusao KEV2026-02-17

Prazo de remediacao2026-03-10

Uso em ransomwareUnknown

Produtos afetados

teamt5:threatsonar_anti-ransomware

Fraquezas (CWE)

CWE-434

Referencias

https://www.twcert.org.tw/en/cp-139-8000-e5a5c-2.html(twcert@cert.org.tw)

https://www.twcert.org.tw/tw/cp-132-7998-d76dd-1.html(twcert@cert.org.tw)

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-7694(134c704f-9b21-4f2e-91b3-4a467353bcc0)

Correlacoes IOC

Sem correlacoes registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.