THREAT OPS › CVEs › CVE-2025-31324
CVE-2025-31324 — SAP NetWeaver Unrestricted File Upload Vulnerability
SAP NetWeaver Visual Composer Metadata Uploader contains an unrestricted file upload vulnerability that allows an unauthenticated agent to upload potentially malicious executable binaries.
Vulnerability details
- Affected productsNetWeaver
- KEV remediation due2025-05-20