← ExploitWatch
HomeExploited Vulnerabilities

CVE-2021-38163 — Actively Exploited: NetWeaver (SAP)

SAP NetWeaver contains a vulnerability that allows unrestricted file upload.

CVE IDCVE-2021-38163
VendorSAP
ProductNetWeaver
Vulnerability nameSAP NetWeaver Unrestricted File Upload Vulnerability
Date added2022-06-09
Remediation due2022-06-30
Known ransomware useUnknown
Required actionApply updates per vendor instructions.
DescriptionSAP NetWeaver contains a vulnerability that allows unrestricted file upload.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →