CVE-2025-31324

Published Apr 24, 2025

Last updated 7 hours ago

CVSS critical 10.0
SAP NetWeaver

Overview

AI description

Generated using AI and has not been reviewed by Intruder. May contain errors.

CVE-2025-31324 is a vulnerability in the SAP NetWeaver Visual Composer Metadata Uploader. The core issue is a missing authorization check, which allows unauthenticated attackers to upload potentially malicious executable binaries to the system. Attackers can exploit it by sending crafted POST requests that deliver webshells, which let them execute system commands, upload unauthorized files, seize control of compromised systems, execute remote code, and potentially steal sensitive data.

Description: SAP NetWeaver Visual Composer Metadata Uploader is not protected with proper authorization, allowing an unauthenticated agent to upload potentially malicious executable binaries that could severely harm the host system. This could significantly affect the confidentiality, integrity, and availability of the targeted system.
Source: cna@sap.com
NVD status: Received

Risk scores

CVSS 3.1

Type: Secondary
Base score: 10
Impact score: 6
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Severity: CRITICAL

Weaknesses

cna@sap.com
CWE-434

Social media

Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.

Hype score

64

  1. CVE-2025-31324: Zero-Day Vulnerability in SAP NetWeaver Exploited in the Wild https://t.co/hv9MgVXD8n https://t.co/DAEsWVy6p1

    @secured_cyber

    25 Apr 2025

    66 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. Bulletin: CVE-2025-31324 affects SAP NetWeaver Visual Composer. Unauthorized file uploads via missing auth checks in Metadata Uploader. Full system compromise possible. Patch via SAP Note 3594142 ASAP. #ThreatIntel #RedLeggCTI #NetWeaver https://t.co/pqGaQGnHIF

    @RedLegg

    25 Apr 2025

    0 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. ⚠️Critical vulnerability in SAP NetWeaver ❗CVE-2025-31324 ➡️More info: https://t.co/EA4Z9JK1Uz https://t.co/P4DFA4itcO

    @CERTpy

    25 Apr 2025

    139 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  4. A new critical vulnerability in SAP NetWeaver (CVE-2025-31324) allows threat actors to upload JSP web shells, risking unauthorized access to systems, especially in government and enterprise sectors. 🚨 #SAPSecurity #WebShells #USA link: https://t.co/FTrtt6s2UY https://t.co/Aeq

    @TweetThreatNews

    25 Apr 2025

    7 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  5. SAP NetWeaver missing authorization has been marked as known exploited in CyberAlerts KEV CVE-2025-31324 https://t.co/OAMPcMw82Q

    @ethicalhack3r

    25 Apr 2025

    38 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  6. 🚨 Threat Alert: CVE-2025-31324 – Critical SAP NetWeaver RCE Vulnerability 🚨 A newly disclosed flaw in SAP NetWeaver Visual Composer’s Metadata Uploader allows unauthenticated remote code execution via file upload—CVSS score: 10.0 (Critical). This vulnerability is a

    @modat_magnify

    25 Apr 2025

    89 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  7. Post for X 🚨 Threat Alert: CVE-2025-31324 – Critical SAP NetWeaver RCE Vulnerability 🚨 A newly disclosed flaw in SAP NetWeaver Visual Composer’s Metadata Uploader allows unauthenticated remote code execution via file upload—CVSS score: 10.0 (Critical). This vulner

    @modat_magnify

    25 Apr 2025

    3 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  8. 🚨 CVE-2025-31324 ⚠️🔴 CRITICAL (10) 🏢 SAP_SE - SAP NetWeaver (Visual Composer development server) 🏗️ VCFRAMEWORK 7.50 🔗 https://t.co/HYhufiF637 🔗 https://t.co/f5sXJgkGmG #CyberCron #VulnAlert #InfoSec https://t.co/CNqaPl8Z9n

    @cybercronai

    25 Apr 2025

    26 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  9. A critical zero-day in SAP NetWeaver (CVE-2025-31324) is being actively exploited. The flaw allows unauthenticated file uploads via the Visual Composer Metadata Uploader, leading to remote code execution. #Zeroday #patch #SAP https://t.co/dq4c7GthCH

    @CloneSystemsInc

    25 Apr 2025

    129 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  10. 🚨 Missed this morning’s SAP zero-day briefing? We’re going live again at 11am ET / 5pm CEST to cover how CVE-2025-31324 is being exploited—and what you need to do now. ⚠️ Register before it's too late: https://t.co/pMaek4eFaq #SAPSecurity #ZeroDay #Cybersecurity #

    @onapsis

    25 Apr 2025

    7 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  11. 🛑 Critical SAP Exploit Alert! Hackers are abusing a flaw in SAP NetWeaver to drop JSP web shells—even fully patched systems are hit. Likely tied to CVE-2025-31324 (CVSS 10.0) | Allows unauthenticated file uploads via /metadatauploader. https://t.co/9V8WfPwhI0

    @EmmanuelFe28983

    25 Apr 2025

    24 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  12. 🛑 Critical SAP Exploit Alert! Hackers are abusing a flaw in SAP NetWeaver to drop JSP web shells—even fully patched systems are hit. Likely tied to CVE-2025-31324 (CVSS 10.0) | Allows unauthenticated file uploads via /metadatauploader. Details → https://t.co/uWvH68J5dK

    @TheHackersNews

    25 Apr 2025

    74039 Impressions

    72 Retweets

    202 Likes

    63 Bookmarks

    2 Replies

    1 Quote

  13. 🚨 CVE Alert: SAP NetWeaver Visual Composer Missing Authorization vulnerability Exploited In The wild 🚨 Vulnerability Details: CVE-2025-31324 (CVSS v3 10/10) SAP NetWeaver Visual Composer Missing Authorization vulnerability Impact: A Successful exploit may allowing https:/

    @CyberxtronTech

    25 Apr 2025

    124 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  14. https://t.co/GNkt3p58rg #cve-2025-31324 #cve202531324

    @RedRaysIO

    25 Apr 2025

    24 Impressions

    1 Retweet

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  15. SAP NetWeaver zero-day. SAP has released a security advisory for customers but no official patch. CVE-2025-31324 (24th April) sev 10.

    @sneakymonk3y

    25 Apr 2025

    249 Impressions

    1 Retweet

    2 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  16. 🚨SAP NetWeaver Vulnerability (CVE-2025-31324) Allows Remote Code Execution via File Upload Flaw https://t.co/dV17Agu4q3

    @DarkWebInformer

    24 Apr 2025

    9746 Impressions

    28 Retweets

    80 Likes

    17 Bookmarks

    2 Replies

    0 Quotes

  17. CVE-2025-31324 - SAP Business Client (NWBC) - HIGH 🚨 🗓️ Date published 2025-04-24 17:15:35 UTC #SAPBusinessClient(NWBC) #CyberSecurity #InfoSec #Vulnerability #TechNews https://t.co/h6QAYukIA8

    @vulns_space

    24 Apr 2025

    142 Impressions

    0 Retweets

    0 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  18. [CVE-2025-31324: CRITICAL] Unprotected SAP NetWeaver Visual Composer Metadata Uploader allows unauthorized uploads, posing severe cybersecurity risks to system confidentiality, integrity, and availability. #cve, CVE-2025-31324, #cybersecurity https://t.co/wwYMfFQ6Ag https://t.co/eDw

    @CveFindCom

    24 Apr 2025

    115 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes