支持本站 — 捐款将帮助我们持续运营

目标:1000 元,已筹:752

75.2%
立即捐款
一、 漏洞 CVE-2025-31324 基础信息
漏洞信息
                                        # SAP NetWeaver中的授权检查缺失(视觉开发服务器)

## 漏洞概述
SAP NetWeaver Visual Composer Metadata Uploader由于缺乏适当的授权保护,允许未认证的攻击者上传潜在的恶意可执行二进制文件,从而严重危害目标主机系统。

## 影响版本
未指定具体版本

## 漏洞细节
SAP NetWeaver Visual Composer Metadata Uploader未实施适当的授权保护机制,导致任何未认证的用户均可上传恶意二进制文件至系统。

## 影响
此漏洞可能严重影响系统的保密性、完整性和可用性。
神龙判断

是否为 Web 类漏洞:

判断理由:

是。这个漏洞是由于SAP NetWeaver Visual Composer Metadata Uploader缺乏适当的授权保护,允许未认证的用户上传可能包含恶意的可执行二进制文件,这些文件可能对宿主系统造成严重损害,影响系统的机密性、完整性和可用性。
提示
尽管我们采用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。
神龙会尽力确保数据准确,但也请结合实际情况进行甄别与判断。
神龙祝您一切顺利!
漏洞标题
Missing Authorization check in SAP NetWeaver (Visual Composer development server)
来源:美国国家漏洞数据库 NVD
漏洞描述信息
SAP NetWeaver Visual Composer Metadata Uploader is not protected with a proper authorization, allowing unauthenticated agent to upload potentially malicious executable binaries that could severely harm the host system. This could significantly affect the confidentiality, integrity, and availability of the targeted system.
来源:美国国家漏洞数据库 NVD
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
来源:美国国家漏洞数据库 NVD
漏洞类别
危险类型文件的不加限制上传
来源:美国国家漏洞数据库 NVD
漏洞标题
SAP NetWeaver Visual Composer Metadata Uploader 代码问题漏洞
来源:中国国家信息安全漏洞库 CNNVD
漏洞描述信息
SAP NetWeaver Visual Composer Metadata Uploader是德国思爱普(SAP)公司的一个用于辅助建模的工具。 SAP NetWeaver Visual Composer Metadata Uploader存在代码问题漏洞,该漏洞源于授权不当,可能导致上传恶意可执行文件。
来源:中国国家信息安全漏洞库 CNNVD
CVSS信息
N/A
来源:中国国家信息安全漏洞库 CNNVD
漏洞类别
代码问题
来源:中国国家信息安全漏洞库 CNNVD
二、漏洞 CVE-2025-31324 的公开POC
#POC 描述源链接神龙链接
1SAP NetWeaver Visual Composer Metadata Uploader is not protected with a proper authorization, allowing unauthenticated agent to upload potentially malicious executable binaries that could severely harm the host system. This could significantly affect the confidentiality, integrity, and availability of the targeted system. https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2025/CVE-2025-31324.yamlPOC详情
2SAP NetWeaver Visual Composer Metadata Uploader is not protected with a proper authorization, allowing unauthenticated agent to upload potentially malicious executable binaries that could severely harm the host system. This could significantly affect the confidentiality, integrity, and availability of the targeted system.https://github.com/rxerium/CVE-2025-31324POC详情
3CVE-2025-31324, SAP Exploithttps://github.com/redrays-io/CVE-2025-31324POC详情
4Nonehttps://github.com/Onapsis/Onapsis_CVE-2025-31324_Scanner_ToolsPOC详情
5SAP PoC para CVE-2025-31324https://github.com/moften/CVE-2025-31324POC详情
6Nuclei template for cve-2025-31324 (SAP)https://github.com/moften/CVE-2025-31324-NUCLEIPOC详情
7SAP NetWeaver Unauthenticated Remote Code Executionhttps://github.com/Alizngnc/SAP-CVE-2025-31324POC详情
8Proof-of-Concept for CVE-2025-31324: Unauthenticated upload in SAP NetWeaver Visual Composer Metadata Uploaderhttps://github.com/ODST-Forge/CVE-2025-31324_PoCPOC详情
9Proof-of-Concept for CVE-2025-31324: Unauthenticated upload in SAP NetWeaver Visual Composer Metadata Uploaderhttps://github.com/abrewer251/CVE-2025-31324_PoC_SAPPOC详情
10Unauthenticated upload in SAP NetWeaver Visual Composer Metadata Uploaderhttps://github.com/Pengrey/CVE-2025-31324POC详情
11Python-based Burp Suite extension is designed to detect the presence of CVE-2025-31324https://github.com/BlueOWL-overlord/Burp_CVE-2025-31324POC详情
12A totally unauthenticated file-upload endpoint in Visual Composer lets anyone drop arbitrary files (e.g., a JSP web-shell) onto the server.https://github.com/nullcult/CVE-2025-31324-File-UploadPOC详情
13🔍 A simple Bash script to detect malicious JSP webshells, including those used in exploits of SAP NetWeaver CVE-2025-31324.https://github.com/respondiq/jsp-webshell-scannerPOC详情
14A Python-based security scanner for identifying the CVE-2025-31324 vulnerability in SAP Visual Composer systems, and detecting known Indicators of Compromise (IOCs) such as malicious .jsp.https://github.com/JonathanStross/CVE-2025-31324POC详情
15CVE-2025-31324 & CVE-2025-42999 vulnerability and compromise assessment toolhttps://github.com/Onapsis/Onapsis-Mandiant-CVE-2025-31324-Vuln-Compromise-AssessmentPOC详情
16Research Purposes onlyhttps://github.com/rf-peixoto/sap_netweaver_cve-2025-31324-POC详情
17Nonehttps://github.com/NULLTRACE0X/CVE-2025-31324POC详情
18sap-netweaver-cve-2025-31324-checkhttps://github.com/nairuzabulhul/nuclei-template-cve-2025-31324-checkPOC详情
19SAP NetWeaver Visual Composer Metadata Uploader <= 7.50 CVE-2025-31324 PoChttps://github.com/sug4r-wr41th/CVE-2025-31324POC详情
20sap netweaver 0day poc by shinyhunters (scattered lapsus$ hunters) affecting all 7.x CVE-2025-31324https://github.com/antichainalysis/sap-netweaver-0day-CVE-2025-31324POC详情
21Nonehttps://github.com/harshitvarma05/CVE-2025-31324-ExploitsPOC详情
22Proof-of-Concept 0day for SAP NetWeaver created by ShinyHuntershttps://github.com/aristois913/CVE-2025-31324POC详情
三、漏洞 CVE-2025-31324 的情报信息

  • 标题: SAP for Me: Sign In -- 🔗来源链接

    标签:

    SAP for Me: Sign In

  • 标题: Access Denied -- 🔗来源链接

    标签:

    神龙速读:
                                            从这个网页截图中,我们可以获取到以下关于漏洞的关键信息:

1. **访问被拒绝**:用户尝试访问的URL是`http://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html`,但被服务器拒绝访问。

2. **参考编号**:访问被拒绝的参考编号是`#18.5c8a1402.1725986394.a978303`。

3. **错误页面链接**:用户可以访问`https://errors.edgesuite.net/18.5c8a1402.1725986394.a978303`以获取更多关于错误的信息。

这些信息可以帮助用户了解访问被拒绝的原因,并可能提供进一步的诊断和解决方案。
    Access Denied
  • https://nvd.nist.gov/vuln/detail/CVE-2025-31324
四、漏洞 CVE-2025-31324 的评论

暂无评论

发表评论