Is Threatsonar Anti Ransomware affected by EUVD-2026-23800?

TeamT5 ThreatSonar Anti-Ransomware versions up to 4.0.0 contain a command injection vulnerability that allows authenticated users with shell access to escalate privileges to root, effectively neutralizing the anti-ransomware protection and granting attackers complete system control.

Threatsonar Anti Ransomware EUVD-2026-23800

| CVE-2026-5967 HIGH

OS Command Injection (CWE-78)

2026-04-20 twcert

GHSA-49hc-46g6-4c47

Privilege Escalation Command Injection Threatsonar Anti Ransomware

8.7

CVSS 4.0

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Lifecycle Timeline

Analysis Updated

Apr 20, 2026 - 09:43 vuln.today

v2 (cvss_changed)

Re-analysis Queued

Apr 20, 2026 - 09:37 vuln.today

cvss_changed

CVSS changed

Apr 20, 2026 - 09:37 NVD

8.8 (HIGH) 8.7 (HIGH)

Analysis Generated

Apr 20, 2026 - 08:57 vuln.today

DescriptionNVD

ThreatSonar Anti-Ransomware developed by TeamT5 has an Privilege Escalation vulnerability. Authenticated remote attackers with shell access can inject OS commands and execute them with root privileges.

AnalysisAI

OS command injection in TeamT5 ThreatSonar Anti-Ransomware ≤4.0.0 allows authenticated remote attackers with shell access to escalate privileges to root. Despite the high CVSS score (8.7), exploitation requires legitimate shell access and low-privilege authentication, limiting attack surface to environments where ransomware protection agents are accessible to compromised accounts. …

RemediationAI

Within 24 hours: Inventory all TeamT5 ThreatSonar installations and identify systems running version 4.0.0 or earlier; restrict shell access to this software to only essential administrative accounts. Within 7 days: Contact TeamT5 for patch availability and estimated release timeline; implement compensating controls listed below on all affected systems. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

EUVD-2026-23800 vulnerability details – vuln.today

Back

Threatsonar Anti Ransomware EUVD-2026-23800

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Analysis

Full analysis requires sign-in

Share

Threatsonar Anti Ransomware EUVD-2026-23800

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

Share

External POC / Exploit Code