CVE-2025-42977 – SAP NetWeaver Visual Composer Directory Traversal Vulnerability

June 9, 2025

CVE ID : CVE-2025-42977

Published : June 10, 2025, 1:15 a.m. | 23 minutes ago

Description : SAP NetWeaver Visual Composer contains a Directory Traversal vulnerability caused by insufficient validation of input paths provided by a high-privileged user. This allows an attacker to read or modify arbitrary files, resulting in a high impact on confidentiality and a low impact on integrity.

Severity: 7.6 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-42984 – SAP S/4HANA Authorization Bypass

Next Article CVE-2025-42982 – SAP GRC Authentication Bypass

How To Prevent WordPress SQL Injection Attacks

Java never goes out of style: Celebrating 30 years of the language

OpenAI o3-pro available in the API, BrowserStack adds Playwright support for real iOS devices, and more – Daily News Digest

Creating The “Moving Highlight” Navigation Bar With JavaScript And CSS

Surface Pro 11 with Snapdragon X Elite drops to lowest price ever

With WH40K Boltgun and Dungeons of Hinterberg, this month’s Humble Choice lineup is stacked for less than $12

I’ve been loving the upgrade to my favorite mobile controller, and there’s even a version for large tablets

Copilot Vision just launched — and Microsoft already added new features

Master Data Management: The Key to Improved Analytics Reporting

Master Data Management: The Key to Improved Analytics Reporting

Salesforce Lead-to-Revenue Management

React Native 0.80 – React 19.1, JS API Changes, Freezing Legacy Arch and much more

Surface Pro 11 with Snapdragon X Elite drops to lowest price ever

Surface Pro 11 with Snapdragon X Elite drops to lowest price ever

With WH40K Boltgun and Dungeons of Hinterberg, this month’s Humble Choice lineup is stacked for less than $12

I’ve been loving the upgrade to my favorite mobile controller, and there’s even a version for large tablets

CVE-2025-42977 – SAP NetWeaver Visual Composer Directory Traversal Vulnerability

Zero-Click AI Vulnerability Exposes Microsoft 365 Copilot Data Without User Interaction

Researchers Detail Zero-Click Copilot Exploit ‘EchoLeak’

Hand TeX is a handwritten LaTeX symbol classifier

CVE-2025-4483 – iSourcecode Gym Management System SQL Injection Vulnerability

CVE-2025-4577 – Smash Balloon Social Post Feed – WordPress Stored Cross-Site Scripting Vulnerability

Yokogawa Recorders Vulnerable to Attack Due to Insecure Default Settings

Setting Up a Secure Mail Server with Dovecot on Ubuntu Server

Community News: Latest PEAR Releases (04.07.2025)

Delayed OnePlus Watch 3 launches again – but with a shocking price increase

Nintendo Switch 2 Game-Key Cards reveal the death of physical console games

CVE-2025-42977 – SAP NetWeaver Visual Composer Directory Traversal Vulnerability

Related Posts