Lucene search
K

7 matches found

BDU FSTEC
BDU FSTEC
added 2025/05/19 12:0 a.m.6 views

The vulnerability of the MetadataUploader function in the Visual Composer tool of the SAP NetWeaver software integration platform allows a hacker to execute arbitrary code.

The vulnerability of the MetadataUploader function in the Visual Composer tool of the SAP NetWeaver software integration platform is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows an attacker to execute arbitrary code by sending specially crafted HT...

9.1CVSS8.3AI score0.11222EPSS
Exploits3References4
BDU FSTEC
BDU FSTEC
added 2025/04/25 12:0 a.m.5 views

The vulnerability of the MetadataUploader function in the Visual Composer tool of the SAP NetWeaver software integration platform allows a hacker to execute arbitrary code.

The vulnerability of the MetadataUploader function in the Visual Composer software integration platform of SAP NetWeaver lies in the ability to upload executable files without limitation. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code by sending a specially...

10CVSS8.3AI score0.99359EPSS
Exploits18References7
VulnCheck KEV
VulnCheck KEV
added 2025/04/22 12:0 a.m.5 views

VulnCheck KEV: CVE-2017-9844

SAP NetWeaver 7400.12.21.30308 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted serialized Java object in a request to metadatauploader, aka SAP Security Note 2399804. NOTE: The vendor states that the devserver package of Visual Composer...

7.5CVSS7.6AI score0.05513EPSS
Exploits0References1
CNVD
CNVD
added 2017/07/13 12:0 a.m.2 views

SAP NetWeaver Denial of Service Vulnerability (CNVD-2017-23559)

SAP NetWeaver is the German SAP SAP company's set of service-oriented integrated application platform. The platform provides a development and runtime environment for SAP applications. A security vulnerability exists in SAP NetWeaver. A remote attacker could exploit this vulnerability by sending ...

7.5CVSS9.5AI score0.05513EPSS
Exploits0References1
NVD
NVD
added 2017/07/12 4:29 p.m.23 views

CVE-2017-9844

SAP NetWeaver 7400.12.21.30308 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted serialized Java object in a request to metadatauploader, aka SAP Security Note 2399804. NOTE: The vendor states that the devserver package of Visual Composer...

7.5CVSS9.6AI score0.05513EPSS
Exploits0References3
Cvelist
Cvelist
added 2017/07/12 4:0 p.m.20 views

CVE-2017-9844

SAP NetWeaver 7400.12.21.30308 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted serialized Java object in a request to metadatauploader, aka SAP Security Note 2399804. NOTE: The vendor states that the devserver package of Visual Composer...

9.6AI score0.05513EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2017/07/12 12:0 a.m.4 views

PT-2017-19212 · Sap · Sap Netweaver

Name of the Vulnerable Software and Affected Versions: SAP NetWeaver version 7400.12.21.30308 Description: The issue allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted serialized Java object in a request to the "metadatauploader" API endpoint...

7.5CVSS9.7AI score0.05513EPSS
Exploits0References6
Rows per page
Query Builder