4 matches found
CVE-2026-34259
SAP Forecasting & Replenishment contains an OS Command Execution vulnerability. An authenticated user with administrative privileges can abuse a non-remote-enabled function to execute arbitrary operating system commands, potentially reading/modifying any system data or shutting down the system, c...
CVE-2023-33989
An attacker with non-administrative authorizations in SAP NetWeaver BI CONT ADD ON - versions 707, 737, 747, 757, can exploit a directory traversal flaw to over-write system files. Data from confidential files cannot be read but potentially some OS files can be over-written leading to system...
CVE-2023-33989 Directory Traversal vulnerability in SAP NetWeaver (BI CONT ADD ON)
An attacker with non-administrative authorizations in SAP NetWeaver BI CONT ADD ON - versions 707, 737, 747, 757, can exploit a directory traversal flaw to over-write system files. Data from confidential files cannot be read but potentially some OS files can be over-written leading to system...
CVE-2023-27500 Directory Traversal vulnerability in SAP NetWeaver AS for ABAP and ABAP Platform
An attacker with non-administrative authorizations can exploit a directory traversal flaw in program SAPRSBRO to over-write system files. In this attack, no data can be read but potentially critical OS files can be over-written making the system unavailable...