New Critical SAP NetWeaver Flaw Exploited to Drop Web Shell, Brute Ratel Framework
2025-04-25 10:41

Threat actors are likely exploiting a new vulnerability in SAP NetWeaver to upload JSP web shells with the goal of facilitating unauthorized file uploads and code execution. "The exploitation is likely tied to either a previously disclosed vulnerability like CVE-2017-9844 or an unreported remote file inclusion (RFI) issue," ReliaQuest said in a report published this week. The cybersecurity


News URL

https://thehackernews.com/2025/04/sap-confirms-critical-netweaver-flaw.html

Related Vulnerability

| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-07-12 | CVE-2017-9844 | Deserialization of Untrusted Data vulnerability in SAP Netweaver 7400.12.21.30308. SAP NetWeaver 7400.12.21.30308 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted serialized Java object in a request to metadatauploader, aka SAP Security Note 2399804. | critical, 9.8 (network, low complexity; sap, CWE-502) |

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
SAP 329 25 688 385 114 1212