Threat actors are likely exploiting a new vulnerability in SAP NetWeaver to upload JSP web shells with the goal of facilitating unauthorized file uploads and code execution. “The exploitation is likely tied to either a previously disclosed vulnerability like CVE-2017-9844 or an unreported remote file inclusion (RFI) issue,” ReliaQuest said in a report published this week.The cybersecurity
First seen on thehackernews.com
Jump to article: thehackernews.com/2025/04/sap-confirms-critical-netweaver-flaw.html
