CVE-2024-7694
HIGH KEVThreatSonar Anti-Ransomware < 3.5.0 - Authenticated Arbitrary File Upload and Remote Code Execution
Title source: llmExploitation Summary
CVE-2024-7694 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added February 17, 2026.
Description
ThreatSonar Anti-Ransomware from TeamT5 does not properly validate the content of uploaded files. Remote attackers with administrator privileges on the product platform can upload malicious files, which can be used to execute arbitrary system command on the server.
References (3)
Core 3
Core References
Third Party Advisory, US Government Resource
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-7694
Third Party Advisory third-party-advisory
https://www.twcert.org.tw/tw/cp-132-7998-d76dd-1.html
Third Party Advisory third-party-advisory
https://www.twcert.org.tw/en/cp-139-8000-e5a5c-2.html
Scores
CVSS v3
7.2
EPSS
0.0122
EPSS Percentile
79.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
active
Automatable
no
Technical Impact
total
Details
CISA KEV
2026-02-17
VulnCheck KEV
2026-02-17
ENISA EUVD
EUVD-2024-48579
CWE
CWE-434
Status
published
Products (1)
teamt5/threatsonar_anti-ransomware
< 3.5.0
Published
Aug 12, 2024
KEV Added
Feb 17, 2026
Tracked Since
Feb 18, 2026