CVE-2021-38163

CVSS 9.9 CRITICAL | EPSS 37.1% | ● KEV | CWE-22
In short

A flaw in SAP NetWeaver allows a regular (non-administrative) user to upload a malicious file that is executed with the privileges of the Java Server process, letting attackers read or modify data on the server or take it offline.

Technical detail

A CWE-22 path traversal vulnerability in SAP NetWeaver Visual Composer 7.0 RT (versions 7.30, 7.31, 7.40 and 7.50) permits authenticated non-administrative users to upload arbitrary files over the network and trigger their processing, so that the file is executed with the privileges of the Java Server process. The result is remote code execution that can be used to read or modify sensitive data or to cause a denial of service.

Summary generated and translated by AI from the official description.
SAP NetWeaver (Visual Composer 7.0 RT) versions - 7.30, 7.31, 7.40, 7.50, without restriction, an attacker authenticated as a non-administrative user can upload a malicious file over a network and trigger its processing, which is capable of running operating system commands with the privilege of the Java Server process. These commands can be used to read or modify any information on the server or shut the server down making it unavailable.
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
⚠ Public resources for assessing the exposure of systems you control or are authorized to test. Test only with authorization.