What is CVE-2025-7145?

CVE-2025-7145 is a high-severity vulnerability in Teamt5 Threatsonar Anti-ransomware, classified under OS Command Injection. CVSS score: 7.2/10. Published 2025-07-07.

How severe is CVE-2025-7145?

High severity. CVSS v3 base score is 7.2 out of 10.

RCE in Teamt5 Threatsonar Anti-ransomware

CVE-2025-7145

ThreatSonar Anti-Ransomware developed by TeamT5 has an OS Command Injection vulnerability, allowing remote attackers with product platform intermediate privileges to inject arbitrary OS commands and execute them on the server, thereby gain…

Vulnerability class: Command Injection (OS Command Injection)

EPSS: 0.017 (82.4th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.2 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H.

Affected products

Teamt5 Threatsonar Anti-ransomware — versions 3.6.0

Weakness classification (CWE)

CWE-78 — OS Command Injection

References

www.twcert.org.tw/tw/cp-132-10231-a15c8-1.html (third-party-advisory)
www.twcert.org.tw/en/cp-139-10232-f99c0-2.html (third-party-advisory)

Frequently asked questions

What is CVE-2025-7145?: CVE-2025-7145 is a high-severity vulnerability in Teamt5 Threatsonar Anti-ransomware, classified under OS Command Injection. CVSS score: 7.2/10. Published 2025-07-07.
How severe is CVE-2025-7145?: High severity. CVSS v3 base score is 7.2 out of 10.