CVE-2025-31324 (CVSS 10): Zero-Day in SAP NetWeaver Exploited in the Wild to Deploy Webshells and C2 Frameworks

April 25, 2025

CVE-2025-31324 (CVSS 10): Zero-Day in SAP NetWeaver Exploited in the Wild to Deploy Webshells and C2 Frameworks

A critical zero-day vulnerability affecting SAP NetWeaver Visual Composer MetadataUploader, now tracked as CVE-2025-31324, is being actively exploited in the wild to compromise enterprise and governme …

Published Date:
Apr 25, 2025 (5 hours, 44 minutes ago)

Vulnerabilities has been mentioned in this article.

Source: Read More

Previous ArticleLazarus APT Attacking Organizations by Exploiting One-Day vulnerabilities

Next Article Microsoft’s Patch for Symlink Exploit Introduces New Windows Update DoS Flaw

Designing Better UX For Left-Handed People

This week in AI dev tools: Gemini 2.5 Flash-Lite, GitLab Duo Agent Platform beta, and more (July 25, 2025)

Tenable updates Vulnerability Priority Rating scoring method to flag fewer vulnerabilities as critical

Google adds updated workspace templates in Firebase Studio that leverage new Agent mode

I ran with the Apple Watch and Samsung Watch 8 – here’s the better AI coach

8 smart home gadgets that instantly upgraded my house (and why they work)

I tested Panasonic’s new affordable LED TV model – here’s my brutally honest buying advice

OpenAI teases imminent GPT-5 launch. Here’s what to expect

NativePHP Is Entering Its Next Phase

NativePHP Is Entering Its Next Phase

Medical Card Generator Android App Project Using SQLite

The details of TC39’s last meeting

Elden Ring Nightreign’s Patch 1.02 update next week is adding a feature we’ve all been waiting for since launch — and another I’ve been begging for, too

Elden Ring Nightreign’s Patch 1.02 update next week is adding a feature we’ve all been waiting for since launch — and another I’ve been begging for, too

The next time you look at Microsoft Copilot, it may look back — but who asked for this?

5 Open Source Apps You Can use for Seamless File Transfer Between Linux and Android

CVE-2025-31324 (CVSS 10): Zero-Day in SAP NetWeaver Exploited in the Wild to Deploy Webshells and C2 Frameworks

CVE-2025-31324 (CVSS 10): Zero-Day in SAP NetWeaver Exploited in the Wild to Deploy Webshells and C2 Frameworks

SharePoint under fire: ToolShell attacks hit organizations worldwide

Rogue CAPTCHAs: Look out for phony verification pages spreading malware

CVE-2024-42922 – AAPanel OS Command Injection Vulnerability

TryHackMe Room Walkthrough: Billing

CVE-2025-47771 – PowSyBl SparseMatrix Deserialization Privilege Escalation Vulnerability

Gemini in Gmail Now Handles Google Calendar Tasks on Android and iOS

CVE-2025-48079 – Metagauss ProfileGrid Missing Authorization Vulnerability

CVE-2025-49809 – MTR Sudo Execution Hijacking Vulnerability

CVE-2025-7894 – Onyx Chat Interface SQL Injection Vulnerability

Your iPad is getting a major upgrade. Here are the best features in iPadOS 26

CVE-2025-31324 (CVSS 10): Zero-Day in SAP NetWeaver Exploited in the Wild to Deploy Webshells and C2 Frameworks

CVE-2025-31324 (CVSS 10): Zero-Day in SAP NetWeaver Exploited in the Wild to Deploy Webshells and C2 Frameworks

Related Posts