Executive Summary

TeamT5 ThreatSonar Anti-Ransomware contains an unrestricted upload of file with dangerous type vulnerability. ThreatSonar Anti-Ransomware does not properly validate the content of uploaded files. Remote attackers with administrator privileges on the product platform can upload malicious files, which can be used to execute arbitrary system commands on the server.

CVSS Score: 9.0/10.0
Severity: CRITICAL

Affected Systems

  • TeamT5 ThreatSonar Anti-Ransomware

Detection & Mitigation

  • Apply vendor patches as soon as available
  • Monitor for indicators of compromise
  • Review vendor advisories for specific guidance

References