SAP.NetWeaver.Visual.Composer.Unrestricted.File.Upload
Description
This indicates an attack attempt to exploit an Unrestricted File Upload Vulnerability in SAP NetWeaver.
This vulnerability is due to improper input validation when uploading files. A remote, authenticated attacker can exploit this vulnerability by sending a crafted request to the target server. Successfully exploiting this vulnerability can result in uploading of web shells and remote code execution.
Affected Products
SAP NetWeaver (Visual Composer 7.0 RT) versions - 7.30, 7.31, 7.40, 7.50
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=585106405
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |