Vulnerabilities > CVE-2013-6820 - Unspecified vulnerability in SAP Netweaver Development Infrastructure
Summary
Unrestricted file upload vulnerability in the SAP NetWeaver Development Infrastructure (NWDI) allows remote attackers to execute arbitrary code by uploading a file with an executable extension via unspecified vectors. Per: http://cwe.mitre.org/data/definitions/434.html "CWE-434: Unrestricted Upload of File with Dangerous Type" Per: http://erpscan.com/advisories/dsecrg-13-004-sap-netweaver-di-arbitrary-file-upload/ "The vulnerability can lead to uploading any file to SAP web server without authorization. An attacker can use it to upload a backdoor and obtain full access to SAP system. "
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |