← ExploitWatch
HomeExploited Vulnerabilities

CVE-2025-31324 — Actively Exploited: NetWeaver (SAP)

SAP NetWeaver Visual Composer Metadata Uploader contains an unrestricted file upload vulnerability that allows an unauthenticated agent to upload potentially malicious executable binaries.

CVE IDCVE-2025-31324
VendorSAP
ProductNetWeaver
Vulnerability nameSAP NetWeaver Unrestricted File Upload Vulnerability
Date added2025-04-29
Remediation due2025-05-20
Known ransomware useKnown
Required actionApply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
DescriptionSAP NetWeaver Visual Composer Metadata Uploader contains an unrestricted file upload vulnerability that allows an unauthenticated agent to upload potentially malicious executable binaries.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →