Thanks to visit codestin.com
Credit goes to github.com

Skip to content
/ CVE-2025-31324 Public

SAP NetWeaver Visual Composer Metadata Uploader is not protected with a proper authorization, allowing unauthenticated agent to upload potentially malicious executable binaries that could severely harm the host system. This could significantly affect the confidentiality, integrity, and availability of the targeted system.

rxerium.com
5 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

rxerium/CVE-2025-31324

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
CVE-2025-31324.yaml
CVE-2025-31324.yaml
 
 
README.md
README.md
 
 

Repository files navigation

CVE-2025-31324

How does this detection method work?

The template performs an HTTP GET request to the target's base URL and examines the response headers to identify SAP NetWeaver Application Server instances. This information helps assess whether the system might be susceptible to CVE-2025-31324.

How do I run this script?

  1. Download Nuclei from here
  2. Copy the template to your local system
  3. Run the following command: nuclei -u https://yourHost.com -t template.yaml

References

Disclaimer

Use at your own risk, I will not be responsible for illegal activities you conduct on infrastructure you do not own or have permission to scan.

Contact

Feel free to reach out to me on Signal.

About

SAP NetWeaver Visual Composer Metadata Uploader is not protected with a proper authorization, allowing unauthenticated agent to upload potentially malicious executable binaries that could severely harm the host system. This could significantly affect the confidentiality, integrity, and availability of the targeted system.

rxerium.com

Topics

sap cybersecurity vulnerability netweaver zero-day

Resources

Readme
Activity

Stars

5 stars

Watchers

1 watching

Forks

0 forks
Report repository