Ransomware Attacks via Malicious File Uploads

CVE-2024-7694

7.2HIGH

Key Information

Vendor: Teamt5
Status: Threatsonar Anti-ransomware
Vendor: CVE Published:; 12 August 2024

Summary

ThreatSonar Anti-Ransomware from TeamT5 does not properly validate the content of uploaded files. Remote attackers with administrator privileges on the product platform can upload malicious files, which can be used to execute arbitrary system command on the server.

Affected Version(s)

ThreatSonar Anti-Ransomware <= 3.4.5

CVSS V3.1

Score:

7.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability Reserved.
Aug 12, 2024
Vulnerability published.
Aug 12, 2024

Collectors

NVD DatabaseMitre Database