SAP disclosed a critical zero-day vulnerability, identified as CVE-2025-31324, in its NetWeaver Visual Composer component. This vulnerability, with a maximum CVSSv3 severity score of 10.0, stems from a missing authorization check within the Metadata Uploader module of Visual Composer. When exploited, it allows unauthenticated attackers to upload arbitrary malicious files via specially crafted POST requests to […]
The post SAP NetWeaver 0-Day Flaw Actively Exploited to Deploy Webshells appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
​The original article found on GBHackers Security | #1 Globally Trusted Cyber Security News Platform Read More
