| TVN ID | TVN-202604007 |
|---|---|
| CVE ID | CVE-2026-5966, CVE-2026-5967 |
| CVSS | 【CVE-2026-5966】 8.1 (High) CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H 【CVE-2026-5967】 8.8 (High) CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| Affected Products | ThreatSonar Anti-Ransomware version 4.0.0 and earlier |
| Description | 【CVE-2026-5966(Arbitrary File Deletion】 Authenticated remote attackers with web access can exploit Path Traversal to delete arbitrary files on the system. 【CVE-2026-5967(Privilege Escalation)】 Authenticated remote attackers with shell access can inject OS commands and execute them with root privileges. |
| Solution | Please install hotpatch version 20260302. |
| Credit | TeamT5, Carson Wang |
| Public Date | 2026-04-20 |
:::