EUVD-2025-34126

🗓️ 14 Oct 2025 00:17:23Reported by EUVDType

Authenticated attacker stores JavaScript on the application server explorer; runs in browser; low impact.

Reporter	Title	Published	Views	Family All 8
CNNVD	SAP Application Server for ABAP 代码注入漏洞	14 Oct 202500:00	–	cnnvd
CVE	CVE-2025-42901	14 Oct 202500:17	–	cve
Cvelist	CVE-2025-42901 Code Injection vulnerability in SAP Application Server for ABAP (BAPI Browser)	14 Oct 202500:17	–	cvelist
NCSC	Vulnerabilities fixed in SAP Products	17 Oct 202508:04	–	ncsc
NVD	CVE-2025-42901	14 Oct 202501:15	–	nvd
Positive Technologies	PT-2025-41836	14 Oct 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-42901	15 Oct 202516:43	–	redhatcve
Vulnrichment	CVE-2025-42901 Code Injection vulnerability in SAP Application Server for ABAP (BAPI Browser)	14 Oct 202500:17	–	vulnrichment

[
  {
    "enisaIdVendor": [
      {
        "id": "775063c9-0b1a-3f5d-abd2-a76c863c54ab",
        "vendor": {
          "name": "SAP_SE"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "123968a8-d1ae-33f0-8510-fe7bcd674b39",
        "product": {
          "name": "SAP Application Server for ABAP (BAPI Browser)"
        },
        "product_version": "SAP_BASIS 754"
      },
      {
        "id": "29746026-5f5a-3645-9dc0-d1bdc4aca238",
        "product": {
          "name": "SAP Application Server for ABAP (BAPI Browser)"
        },
        "product_version": "SAP_BASIS 758"
      },
      {
        "id": "368125f8-5ae4-3cac-89c4-c9f996dacdf1",
        "product": {
          "name": "SAP Application Server for ABAP (BAPI Browser)"
        },
        "product_version": "SAP_BASIS 757"
      },
      {
        "id": "4cb73b5f-faa5-3257-b7d2-8d26a5ba781d",
        "product": {
          "name": "SAP Application Server for ABAP (BAPI Browser)"
        },
        "product_version": "SAP_BASIS 750"
      },
      {
        "id": "5753bdab-4101-3bca-94e2-9a3babb67a19",
        "product": {
          "name": "SAP Application Server for ABAP (BAPI Browser)"
        },
        "product_version": "SAP_BASIS 752"
      },
      {
        "id": "5e4eba7b-ed93-3c48-a73b-a1d8227907e1",
        "product": {
          "name": "SAP Application Server for ABAP (BAPI Browser)"
        },
        "product_version": "SAP_BASIS 816"
      },
      {
        "id": "77a46a42-6d92-336d-a376-2628c64677f7",
        "product": {
          "name": "SAP Application Server for ABAP (BAPI Browser)"
        },
        "product_version": "SAP_BASIS 702"
      },
      {
        "id": "85a68ff7-2dd6-3b6a-8f2f-9dab5d37d948",
        "product": {
          "name": "SAP Application Server for ABAP (BAPI Browser)"
        },
        "product_version": "SAP_BASIS 756"
      },
      {
        "id": "9f0518a3-c85b-3804-9e5b-9c41ba30089d",
        "product": {
          "name": "SAP Application Server for ABAP (BAPI Browser)"
        },
        "product_version": "SAP_BASIS 701"
      },
      {
        "id": "a397f6a1-709a-37b7-88b4-28fd8b6a0772",
        "product": {
          "name": "SAP Application Server for ABAP (BAPI Browser)"
        },
        "product_version": "SAP_BASIS 751"
      },
      {
        "id": "a656df71-8426-3e8b-88e3-f277c8c7594b",
        "product": {
          "name": "SAP Application Server for ABAP (BAPI Browser)"
        },
        "product_version": "SAP_BASIS 753"
      },
      {
        "id": "c438275e-9e90-3386-a4fb-dec5cd76458a",
        "product": {
          "name": "SAP Application Server for ABAP (BAPI Browser)"
        },
        "product_version": "SAP_BASIS 755"
      },
      {
        "id": "c5534e83-cd25-3286-b613-00a799537d79",
        "product": {
          "name": "SAP Application Server for ABAP (BAPI Browser)"
        },
        "product_version": "SAP_BASIS 700"
      },
      {
        "id": "c8bfc947-7998-3315-b340-541c25a96eef",
        "product": {
          "name": "SAP Application Server for ABAP (BAPI Browser)"
        },
        "product_version": "SAP_BASIS 731"
      },
      {
        "id": "e2b16115-6c6f-3006-b02e-0373eb36bbdd",
        "product": {
          "name": "SAP Application Server for ABAP (BAPI Browser)"
        },
        "product_version": "SAP_BASIS 740"
      }
    ]
  }
]

Source	Link
me	www.me.sap.com/notes/3652788
url	www.url.sap/sapsecuritypatchday
nvd	www.nvd.nist.gov/vuln/detail/CVE-2025-42901

14 Oct 2025 15:21Current

6.1Medium risk

Vulners AI Score6.1

CVSS 3.15.4

EPSS0.00206

SSVC