Active exploitation of SAP NetWeaver Visual Composer CVE-2025-31324


On Thursday, April 24, enterprise resource planning company SAP published a CVE (and a day later, an advisory behind login) for CVE-2025-31324, a zero-day vulnerability in NetWeaver Visual Composer that carries a CVSSv3 score of 10.

The vulnerability arises from a missing authorization check in Visual Composer’s Metadata Uploader component that, when successfully exploited, allows unauthenticated attackers to send specially crafted POST requests to the /developmentserver/metadatauploader endpoint, resulting in unrestricted malicious file upload. While the vulnerable component is not installed in NetWeaver’s default configuration, SAP security firm Onapsis notes that it is widely enabled.

Read more…
Source: Rapid7


Sign up for our Newsletter
The latest news and insights delivered right to your inbox.


Related:

  • Emergency Apple Patch Fixes High Sierra Password Hint Leak

    October 6, 2017

    Apple rushed out an emergency patch Thursday that fixed an incredulous bug in its shiny new High Sierra operating system that revealed APFS volume passwords via the password hint feature. Brazilian researcher Matheus Mariano of Leet Tech found the bug and privately disclosed it to Apple. He said that upon creation of an encrypted container in APFS—Apple’s new ...

  • Apache Tomcat Patches Important Remote Code Execution Flaw

    October 5, 2017

    The Apache Tomcat team has recently patched several security vulnerabilities in Apache Tomcat, one of which could allow an unauthorised attacker to execute malicious code on affected servers remotely. Apache Tomcat, developed by the Apache Software Foundation (ASF), is an open source web server and servlet system, which uses several Java EE specifications like Java Servlet, ...

  • Google Finds 7 Security Flaws in Widely Used Dnsmasq Network Software

    October 2, 2017

    Security researchers have discovered not one or two, but a total of seven security vulnerabilities in the popular open source Dnsmasq network services software, three of which could allow remote code execution on a vulnerable system and hijack it. Dnsmasq is a widely used lightweight network application tool designed to provide DNS (Domain Name System) forwarder, ...

  • Millions of Up-to-Date Apple Macs Remain Vulnerable to EFI Firmware Hacks

    September 29, 2017

    “Always keep your operating system and software up-to-date.” This is one of the most popular and critical advice that every security expert strongly suggests you to follow to prevent yourself from major cyber attacks. However, even if you attempt to install every damn software update that lands to your system, there is a good chance of your ...

  • Remote Wi-Fi Attack Backdoors iPhone 7

    September 27, 2017

    Google on Tuesday disclosed details and a proof-of-concept exploit for a Wi-Fi firmware vulnerability in Broadcom chipsets patched this week in iOS 11. The attack enables code execution and persistent presence on a compromised device. “The exploit gains code execution on the Wi-Fi firmware on the iPhone 7,” said Google Project Zero researcher Gal Beniamini, whose ...

  • 2-Year-Old Linux Kernel Issue Resurfaces As High-Risk Flaw

    September 27, 2017

    A bug in Linux kernel that was discovered two years ago, but was not considered a security threat at that time, has now been recognised as a potential local privilege escalation flaw. Identified as CVE-2017-1000253, the bug was initially discovered by Google researcher Michael Davidson in April 2015. Since it was not recognised as a serious bug at that ...