THREATOPS
THREAT OPSCVEs › CVE-2025-31324

CVE-2025-31324 — SAP NetWeaver Unrestricted File Upload Vulnerability

CISA KEVExploited: confirmedSAP

SAP NetWeaver Visual Composer Metadata Uploader contains an unrestricted file upload vulnerability that allows an unauthenticated agent to upload potentially malicious executable binaries.

Vulnerability details

Related reporting