CVE-2025-31324 (CVSS 10): Zero-Day in SAP NetWeaver Exploited in the Wild to Deploy Webshells and C2 Frameworks

April 25, 2025

CVE-2025-31324 (CVSS 10): Zero-Day in SAP NetWeaver Exploited in the Wild to Deploy Webshells and C2 Frameworks

A critical zero-day vulnerability affecting SAP NetWeaver Visual Composer MetadataUploader, now tracked as CVE-2025-31324, is being actively exploited in the wild to compromise enterprise and governme …

Published Date:
Apr 25, 2025 (5 hours, 44 minutes ago)

Vulnerabilities has been mentioned in this article.

Source: Read More

Previous ArticleLazarus APT Attacking Organizations by Exploiting One-Day vulnerabilities

Next Article Microsoft’s Patch for Symlink Exploit Introduces New Windows Update DoS Flaw

How To Prevent WordPress SQL Injection Attacks

Creating The “Moving Highlight” Navigation Bar With JavaScript And CSS

Databricks adds new tools like Lakebase, Lakeflow Designer, and Agent Bricks to better support building AI apps and agents in the enterprise

Zencoder launches end-to-end UI testing agent

NVIDIA chief rebuffs Anthropic’s AI slashing 50% of entry-level white collar jobs from Gen Z claim: “He thinks AI is so scary, but only they should do it.”

OpenAI shifts to Google for cloud computing support as Microsoft partnership falters, despite Sam Altman’s “compute-sufficient” claim

Clair Obscur: Expedition 33 now lets you rematch the game’s most brutal boss

The Alters PC review: I’m rethinking my own life paths after falling in love with a sci-fi game

SVAR Svelte Filter: Visual Query Builder for Data-Driven Apps

SVAR Svelte Filter: Visual Query Builder for Data-Driven Apps

Developing a Serverless Blogging Platform with AWS Lambda and Python

YAML files in DBT

NVIDIA chief rebuffs Anthropic’s AI slashing 50% of entry-level white collar jobs from Gen Z claim: “He thinks AI is so scary, but only they should do it.”

NVIDIA chief rebuffs Anthropic’s AI slashing 50% of entry-level white collar jobs from Gen Z claim: “He thinks AI is so scary, but only they should do it.”

OpenAI shifts to Google for cloud computing support as Microsoft partnership falters, despite Sam Altman’s “compute-sufficient” claim

Clair Obscur: Expedition 33 now lets you rematch the game’s most brutal boss

CVE-2025-31324 (CVSS 10): Zero-Day in SAP NetWeaver Exploited in the Wild to Deploy Webshells and C2 Frameworks

CVE-2025-31324 (CVSS 10): Zero-Day in SAP NetWeaver Exploited in the Wild to Deploy Webshells and C2 Frameworks

Zero-Click AI Vulnerability Exposes Microsoft 365 Copilot Data Without User Interaction

Graphite spyware used in Apple iOS zero-click attacks on journalists

My favorite File Explorer replacement just got better

Overwatch 2 joins up with Street Fighter 6 in this dream-come-true collaboration

Paleta generates color palettes with ease

CVE-2025-45863 – TOTOLINK A3002R Buffer Overflow in formMapDelDevice

Dev runs Windows 11 ARM on an iPad Air M2 using UTM with JIT, and it’s decent

CVE-2025-4985 – “3DEXPERIENCE Project Portfolio Manager Stored XSS Vulnerability”

CVE-2025-3759 – Netgear IGD Unauthenticated Configuration Change Vulnerability

CVE-2025-5853 – Tenda AC6 Stack-Based Buffer Overflow Vulnerability

CVE-2025-31324 (CVSS 10): Zero-Day in SAP NetWeaver Exploited in the Wild to Deploy Webshells and C2 Frameworks

CVE-2025-31324 (CVSS 10): Zero-Day in SAP NetWeaver Exploited in the Wild to Deploy Webshells and C2 Frameworks

Related Posts