Threat Brief: CVE-2025-31324

SUMMARY :

CVE-2025-31324 is a critical vulnerability residing in the SAP NetWeaver Application Server Java's Visual Composer component (VCFRAMEWORK). While not installed by default, business analysts commonly use this component to create applications without coding, making it widely present in SAP deployments. following the public disclosure of this vulnerability, PaloAlto saw a variety of attacks exploiting this vulnerability and attempting to send different payloads to the server.

OPENCTI LABELS :

alliance,april,test,sha256 hash,sap netweaver,ipv4 address,attempted get,suspected web,hosting,cve202531324,goreverse,visual composer,http


Open in NetmanageIT OpenCTI Public Instance with below link!


Use public read only username and password on login page.

NOTE : Use Public READ only user credentials on login page banner.


Threat Brief: CVE-2025-31324