Vulnerability Details CVE-2024-7694
ThreatSonar Anti-Ransomware from TeamT5 does not properly validate the content of uploaded files. Remote attackers with administrator privileges on the product platform can upload malicious files, which can be used to execute arbitrary system command on the server.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.012
EPSS Ranking 79.1%
CVSS Severity
CVSS v3 Score 7.2
Proposed Action
TeamT5 ThreatSonar Anti-Ransomware contains an unrestricted upload of file with dangerous type vulnerability. ThreatSonar Anti-Ransomware does not properly validate the content of uploaded files. Remote attackers with administrator privileges on the product platform can upload malicious files, which can be used to execute arbitrary system commands on the server.
Ransomware Campaign
Unknown
References
Products affected by CVE-2024-7694
-
cpe:2.3:a:teamt5:threatsonar_anti-ransomware:-
-
cpe:2.3:a:teamt5:threatsonar_anti-ransomware:3.4.5