CVE-2024-7694

Known Exploited Vulnerability Entry External Catalog

Back to Catalog View Vulnerability

Entry Details

Vulnerability ID

CVE-2024-7694

Status

Confirmed

Exploited

Yes

Status Updated At

2026-02-17 00:00 UTC

Timestamps

First Seen At

2026-02-17

Asserted At

2026-02-17

Scope

Notes

KEV entry: TeamT5 ThreatSonar Anti-Ransomware Unrestricted Upload of File with Dangerous Type Vulnerability | Affected: TeamT5 / ThreatSonar Anti-Ransomware | Description: TeamT5 ThreatSonar Anti-Ransomware contains an unrestricted upload of file with dangerous type vulnerability. ThreatSonar Anti-Ransomware does not properly validate the content of uploaded files. Remote attackers with administrator privileges on the product platform can upload malicious files, which can be used to execute arbitrary system commands on the server. | Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. | Due date: 2026-03-10 | Known ransomware campaign use (KEV): Unknown | Notes (KEV): https://teamt5.org/en/posts/vulnerability-notice-threat-sonar-anti-ransomware-20240715/ ; https://www.twcert.org.tw/en/cp-139-8000-e5a5c-2.html ; https://nvd.nist.gov/vuln/detail/CVE-2024-7694

References

{'id': 'CVE-2024-7694', 'url': 'https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2024-7694'}

Entry UUID

e74ada28-860b-4114-b8de-2b92690bd293

Catalog Origin UUID

405284c2-e461-4670-8979-7fd2c9755a60

Created

2026-02-18 06:44 UTC

Last Updated

2026-02-18 06:44 UTC

Evidence (1)

Type Source Signal Confidence Details GCVE Metadata

Type	Source	Signal	Confidence	Details	GCVE Metadata
vendor_report	cisa-kev	successful_exploitation	0.80	View details `{ "cwes": [ "CWE-434" ], "date_added": "2026-02-17", "due_date": "2026-03-10", "feed": "CISA Known Exploited Vulnerabilities Catalog", "knownRansomwareCampaignUse": "Unknown", "product": "ThreatSonar Anti-Ransomware", "vendorProject": "TeamT5", "vulnerabilityName": "TeamT5 ThreatSonar Anti-Ransomware Unrestricted Upload of File with Dangerous Type Vulnerability" }`	-

vendor_report

cisa-kev

successful_exploitation

0.80

View details

{
  "cwes": [
    "CWE-434"
  ],
  "date_added": "2026-02-17",
  "due_date": "2026-03-10",
  "feed": "CISA Known Exploited Vulnerabilities Catalog",
  "knownRansomwareCampaignUse": "Unknown",
  "product": "ThreatSonar Anti-Ransomware",
  "vendorProject": "TeamT5",
  "vulnerabilityName": "TeamT5 ThreatSonar Anti-Ransomware Unrestricted Upload of File with Dangerous Type Vulnerability"
}

Export Options

JSON Object JSON API View Full Catalog