SAP NetWeaver Visual Composer Metadata Uploader contains an unrestricted file upload vulnerability that allows an unauthenticated agent to upload potentially malicious executable binaries.
PoC: CVE-2025-31324
CVE-2025-31324, SAP Exploit
PoC: CVE-2025-31324
SAP NetWeaver Visual Composer Metadata Uploader is not protected with a proper authorization, allowing unauthenticated agent to upload potentially malicious executable binaries that could severely harm the host system. This could significantly affect the confidentiality, integrity, and availability of the targeted system.
PoC: sap_netweaver_cve-2025-31324-
Research Purposes only
PoC: CVE-2025-31324_PoC
Proof-of-Concept for CVE-2025-31324: Unauthenticated upload in SAP NetWeaver Visual Composer Metadata Uploader
PoC: nuclei-template-cve-2025-31324-check
sap-netweaver-cve-2025-31324-check
PoC: Onapsis-Mandiant-CVE-2025-31324-Vuln-Compromise-Assessment
CVE-2025-31324 vulnerability and compromise assessment tool
PoC: CVE-2025-31324-File-Upload
A totally unauthenticated file-upload endpoint in Visual Composer lets anyone drop arbitrary files (e.g., a JSP web-shell) onto the server.
PoC: CVE-2025-31324
Proof-of-Concept 0day for SAP NetWeaver created by ShinyHunters
PoC: sap-netweaver-0day-CVE-2025-31324
sap netweaver 0day poc by shinyhunters (scattered lapsus$ hunters) affecting all 7.x CVE-2025-31324
PoC: CVE-2025-31324
SAP NetWeaver Visual Composer Metadata Uploader 7.50 CVE-2025-31324 PoC
PoC: CVE-2025-31324
A Python-based security scanner for identifying the CVE-2025-31324 vulnerability in SAP Visual Composer systems, and detecting known Indicators of Compromise (IOCs) such as malicious .jsp.
PoC: jsp-webshell-scanner
馃攳 A simple Bash script to detect malicious JSP webshells, including those used in exploits of SAP NetWeaver CVE-2025-31324.
PoC: Burp_CVE-2025-31324
Python-based Burp Suite extension is designed to detect the presence of CVE-2025-31324
PoC: CVE-2025-31324
Unauthenticated upload in SAP NetWeaver Visual Composer Metadata Uploader
PoC: CVE-2025-31324_PoC_SAP
Proof-of-Concept for CVE-2025-31324: Unauthenticated upload in SAP NetWeaver Visual Composer Metadata Uploader
PoC: SAP-CVE-2025-31324
SAP NetWeaver Unauthenticated Remote Code Execution
PoC: CVE-2025-31324-NUCLEI
Nuclei template for cve-2025-31324 (SAP)
PoC: CVE-2025-31324
SAP PoC para CVE-2025-31324
Get alerted for CVEs like this
Register your stack and get notified within minutes when a matching CVE drops.
Start monitoring free