CVE-2025-31324

Missing Authorization check in SAP NetWeaver (Visual Composer development server)

CVSS 10 CRITICAL | EPSS 99.4% | KEV | CWE-434
In short

SAP NetWeaver Visual Composer's file upload feature lacks proper security checks, allowing anyone to upload harmful files without permission. This can compromise the entire system's security, data, and availability.

Technical detail

CWE-434 (Unrestricted File Upload) in the SAP NetWeaver Visual Composer Metadata Uploader permits unauthenticated file uploads because no authorization check is performed. An attacker can upload malicious executable binaries to the development server, achieving remote code execution and full system compromise (confidentiality, integrity, and availability impact).

Summary generated and translated by AI from the official description.
SAP NetWeaver Visual Composer Metadata Uploader is not protected with a proper authorization, allowing an unauthenticated agent to upload potentially malicious executable binaries that could severely harm the host system. This could significantly affect the confidentiality, integrity, and availability of the targeted system.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H