Actively Exploited SAP NetWeaver Visual Composer Vulnerability Enables Remote Code Execution (CVE-2025-31324)


The SonicWall Capture Labs threat research team became aware of an arbitrary file upload vulnerability in the Metadata Uploader component of SAP NetWeaver Visual Composer, assessed its impact, and developed mitigation measures.

SAP NetWeaver serves as a robust technology platform that functions as both an integration hub and application layer, enabling businesses to unify data, processes, and applications from various sources into a cohesive SAP ecosystem. Complementing this, SAP Visual Composer offers a user-friendly development environment for quickly designing and customizing model-driven transactional and analytical applications. Tracked as CVE-2025-31324, this critical vulnerability allows unauthenticated attackers to upload malicious files to vulnerable systems, potentially leading to remote code execution and complete system compromise.

Read more…
Source: SonicWall


Sign up for our Newsletter
The latest news and insights delivered right to your inbox.


Related:

  • Cisco Warns of Critical Vulnerability Revealed in ‘Vault 7’ Data Dump

    March 20, 2017

    Cisco Systems warned customers on Friday of a critical vulnerability that could allow an attacker to execute arbitrary code and obtain full control on more than 300 different models of its switches and routers. Cisco said it became aware of the vulnerability after WikiLeaks released its Vault 7 cache of documents that revealed the existence ...