CVE-2024-7694
CISA KEVPublished February 17, 2026 · Updated April 3, 2026
What This Means
## CVE-2024-7694: TeamT5 ThreatSonar Anti-Ransomware Arbitrary File Upload **What it is:** TeamT5 ThreatSonar Anti-Ransomware fails to validate uploaded file content, allowing authenticated administrators to upload malicious files and execute arbitrary commands on the protected server. **Impact:** An attacker with admin access to ThreatSonar can gain code execution on the system the product is meant to protect, completely bypassing the anti-ransomware defense. **Actions:** Immediately audit ThreatSonar admin accounts for unauthorized access; restrict admin privileges to named personnel only; contact TeamT5 for patched versions; isolate affected instances until patched; monitor for suspicious file uploads and command execution tied to ThreatSonar processes.
Official Description+
TeamT5 ThreatSonar Anti-Ransomware contains an unrestricted upload of file with dangerous type vulnerability. ThreatSonar Anti-Ransomware does not properly validate the content of uploaded files. Remote attackers with administrator privileges on the product platform can upload malicious files, which can be used to execute arbitrary system commands on the server.
Affected Products
| Vendor | Product |
|---|---|
| TeamT5 | ThreatSonar Anti-Ransomware |
Patch Status
Recommended Actions
- Check if your systems use any of the affected products listed above.
- Apply vendor patches immediately if available.
- This vulnerability is in CISA's Known Exploited Vulnerabilities catalog — prioritize remediation.
- Monitor vendor advisories for updates and additional mitigations.
- Review logs for indicators of compromise related to CVE-2024-7694.