CVE-2024-7694
Published Aug 12, 2024
Last updated 6 days ago
AI description
CVE-2024-7694 describes a file upload vulnerability found in TeamT5's ThreatSonar Anti-Ransomware. The core of this vulnerability lies in the product's insufficient validation of uploaded file content. This flaw enables remote attackers who possess administrator privileges on the product platform to upload malicious files. Once a malicious file is uploaded, it can be leveraged to execute arbitrary system commands on the affected server. This vulnerability has been added to the CISA Known Exploited Vulnerabilities (KEV) Catalog, indicating that it has been actively exploited in real-world scenarios.
- Description
- ThreatSonar Anti-Ransomware from TeamT5 does not properly validate the content of uploaded files. Remote attackers with administrator privileges on the product platform can upload malicious files, which can be used to execute arbitrary system command on the server.
- Source
- twcert@cert.org.tw
- NVD status
- Analyzed
- Products
- threatsonar_anti-ransomware
CVSS 3.1
- Type
- Secondary
- Base score
- 7.2
- Impact score
- 5.9
- Exploitability score
- 1.2
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
Data from CISA
- Vulnerability name
- TeamT5 ThreatSonar Anti-Ransomware Unrestricted Upload of File with Dangerous Type Vulnerability
- Exploit added on
- Feb 17, 2026
- Exploit action due
- Mar 10, 2026
- Required action
- Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- twcert@cert.org.tw
- CWE-434
- Hype score
- Not currently trending
#CISA added four #security flaws (CVE-2026-2441, CVE-2024-7694, CVE-2020-7796, CVE-2008-0015) to its KEV catalogue, citing evidence of active exploitation in the wild. #CyberSecurity #InfoSec https://t.co/WVJPnfmi7P https://t.co/W1h3dmwdH7
@twelvesec
20 Feb 2026
84 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Exploitation Active de CVE-2024-7694 dans ThreatSonar Anti-Ransomware : Alerte CISA. https://t.co/0mRu1CJDRP
@NicolasCoolman
20 Feb 2026
42 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISA Flags Four Security Flaws Under Active Exploitation in Latest KEV Update - CVE-2026-2441 (CVSS score: 8.8) - A use-after-free vulnerability in Google Chrome - CVE-2024-7694 (CVSS score: 7.2) - An arbitrary file upload vulnerability in TeamT5 ThreatSonar -
@johndjohnson
20 Feb 2026
78 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Exploited zero-days like Dell RecoverPoint CVE-2026-22769 used by UNC6201 deploy GRIMBOLT/SLAYSTYLE with Ghost NICs. TeamT5 CVE-2024-7694, Ivanti EPMM backdoors, Keenadu firmware flaws, and AI/Cloud risks dominate the latest threat landscape. #India #Esp… https://t.co/55qaOAMjU
@TweetThreatNews
19 Feb 2026
261 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
🔴 TeamT5 ThreatSonar Anti-#Ransomware, Arbitrary File Upload, #CVE-2024-7694 (High) https://t.co/ESTvBOGTBK
@dailycve
18 Feb 2026
61 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Latest Known Exploited Vulnerabilities (#KEV) : #CVE-2024-7694 #TeamT5 ThreatSonar Anti-Ransomware Unrestricted Upload of File with Dangerous Type Vulnerability https://t.co/kaTErarlXH
@ScyScan
18 Feb 2026
56 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
New developments from CISA KEV indicate a critical vulnerability in TeamT5 ThreatSonar Anti-Ransomware, a product designed to mitigate cyber threats. This flaw, cataloged as CVE-2024-7694, stems from improper validation of uploaded files, enabling attackers with administrative
@ox0ffff
18 Feb 2026
74 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-7694 | TeamT5 ThreatSonar Anti-Ransomware up to 3.4.5 unrestricted upload https://t.co/5OdxnsOlG6 A vulnerability identified as critical has been detected in TeamT5 ThreatSonar Anti-Ransomware up to 3.4.5. Affected by this issue is some unknown functionality. Performin
@f1tym1
17 Feb 2026
50 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
‼️ CISA has added 4 vulnerabilities to the KEV Catalog https://t.co/9idGUAHIKd CVE-2020-7796: Synacor Zimbra Collaboration Suite (ZCS) Server-Side Request Forgery Vulnerability CVE-2024-7694: TeamT5 ThreatSonar Anti-Ransomware Unrestricted Upload of File with Dangerous Typ
@DarkWebInformer
17 Feb 2026
3369 Impressions
4 Retweets
19 Likes
7 Bookmarks
1 Reply
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:teamt5:threatsonar_anti-ransomware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D9A8CAE4-32DB-42E7-9791-5C3D0C4FC2D2",
"versionEndExcluding": "3.5.0"
}
],
"operator": "OR"
}
]
}
]