CVE-2025-31324

CRITICAL
2025-04-24
10.0
CVSS 3.1

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Changed
Confidentiality: High
Integrity: High
Availability: High

Lifecycle Timeline

Analysis Generated: Mar 28, 2026 - 18:38 (vuln.today)
Added to CISA KEV: Oct 31, 2025 - 21:56 (cisa)
CVE Published: Apr 24, 2025 - 17:15 (nvd), CRITICAL 10.0

Description

SAP NetWeaver Visual Composer Metadata Uploader is not protected with proper authorization, allowing an unauthenticated agent to upload potentially malicious executable binaries that could severely harm the host system. This could significantly affect the confidentiality, integrity, and availability of the targeted system.

Analysis

SAP NetWeaver Visual Composer Metadata Uploader lacks proper authorization, allowing unauthenticated agents to upload malicious executable binaries, which can lead to critical compromise of the host system (CVSS 10.0).

Technical Context

The flaw is an unrestricted file upload (CWE-434): the Metadata Uploader endpoint accepts any file type without authentication or authorization checks. Attackers upload JSP web shells or compiled executables, which can then be reached and executed on the SAP server.

Affected Products

SAP NetWeaver Visual Composer (Metadata Uploader component)

Remediation

Apply SAP security notes immediately. Disable Visual Composer if not required. Restrict network access to SAP management interfaces. Scan for web shells in SAP deployment directories.

Priority Score

132
KEV: +50
EPSS: +32.2
CVSS: +50
POC: 0
