PT-2024-38516 · Unknown · Threatsonar Anti-Ransomware

Published: 2024-08-11 · Updated: 2026-02-24 · CVE-2024-7694

CVSS v3.1: 7.2 (High)

Vector: AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

TeamT5 ThreatSonar Anti-Ransomware versions through 3.4.5

Description

ThreatSonar Anti-Ransomware from TeamT5 does not properly validate the content of uploaded files. This allows remote attackers with administrator privileges on the product platform to upload malicious files, which can be used to execute arbitrary system commands on the server. The flaw stems from unrestricted file upload capabilities, creating a pathway for adversaries to bypass security layers and potentially deploy ransomware payloads directly on the server. This issue has been actively exploited and is listed in the CISA Known Exploited Vulnerabilities catalog, with remediation mandated by March 10th. The geopolitical context suggests ransomware campaigns are increasingly aligned with state-sponsored objectives, and this vulnerability could be leveraged to disrupt critical infrastructure and extort financial gains.

Recommendations

Versions through 3.4.5: Restrict file upload capabilities to only essential, non-executable formats such as text or PDFs.

Fix

Unrestricted File Upload

Weakness Enumeration

Related Identifiers

CVE-2024-7694

Affected Products

Threatsonar Anti-Ransomware