Vulnerability Details CVE-2024-7694
ThreatSonar Anti-Ransomware from TeamT5 does not properly validate the content of uploaded files. Remote attackers with administrator privileges on the product platform can upload malicious files, which can be used to execute arbitrary system command on the server.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.016
EPSS Ranking 82.0%
CVSS Severity
CVSS v3 Score 7.2
Proposed Action
TeamT5 ThreatSonar Anti-Ransomware contains an unrestricted upload of file with dangerous type vulnerability. ThreatSonar Anti-Ransomware does not properly validate the content of uploaded files. Remote attackers with administrator privileges on the product platform can upload malicious files, which can be used to execute arbitrary system commands on the server.
Ransomware Campaign
Unknown
References
Products affected by CVE-2024-7694
-
cpe:2.3:a:teamt5:threatsonar_anti-ransomware:-
-
cpe:2.3:a:teamt5:threatsonar_anti-ransomware:3.4.5