CVE-2024-7694
Published: 12 August 2024
Summary
CVE-2024-7694 is a high-severity Unrestricted Upload of File with Dangerous Type (CWE-434) vulnerability in TeamT5 ThreatSonar Anti-Ransomware. Its CVSS base score is 7.2 (High).
Operationally, it ranks in the top 20.6% of CVEs by exploit likelihood, and CISA has added it to the Known Exploited Vulnerabilities catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-3 (Malicious Code Protection).
Deeper analysis
ThreatSonar Anti-Ransomware from TeamT5 contains an unrestricted file upload flaw (CWE-434) that fails to validate the content of files uploaded to the platform. The affected component is the web interface used for administrative file management on the product server.
Remote attackers who already possess administrator credentials on the ThreatSonar instance can upload crafted files that result in arbitrary system command execution on the underlying server. The vulnerability carries a CVSS 3.1 score of 7.2 and requires no user interaction beyond the initial privileged access.
Taiwanese CERT advisories and the associated vendor guidance recommend applying the patches released by TeamT5 and restricting administrative access to trusted networks. The flaw is listed in CISA’s Known Exploited Vulnerabilities catalog, confirming observed in-the-wild exploitation. The EPSS score rose from a low baseline to a recorded peak of 0.0228, indicating increased exploitation interest after public disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-48579
Vulnerability details
ThreatSonar Anti-Ransomware from TeamT5 does not properly validate the content of uploaded files. Remote attackers with administrator privileges on the product platform can upload malicious files, which can be used to execute arbitrary system commands on the server.
- CWE(s): CWE-434
- KEV Date Added: 17 February 2026
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls (NIST 800-53 r5)
Directly requires validation of uploaded file content to block malicious payloads that lead to command execution.
Mandates malicious-code scanning and blocking of uploaded files before they can be used for arbitrary command execution.
Requires integrity verification of uploaded files and software to detect or stop tampering that enables command execution.