Cybersecurity experts at OP Innovate have uncovered evidence that CVE-2025-31324, a critical zero-day vulnerability in SAP NetWeaver Visual Composer, was actively exploited nearly three weeks before its public disclosure. This flaw, residing in the /developmentserver/metadatauploader endpoint, lacks proper authentication and authorization controls, enabling unauthenticated attackers to upload malicious files like web shells, leading to potential […] The post Qilin Exploits SAP Zero-Day Vulnerability Weeks Ahead of Public Disclosure appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
First seen on gbhackers.com
Jump to article: gbhackers.com/qilin-exploits-sap-zero-day-vulnerability/
