| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|
| CVE-2025-31324 | SAP NetWeaver Unrestricted File Upload Vulnerability | exploitation_technique | T1055 | Process Injection |
Comments
Attackers have exploited this SAP vulnerability to achieve remote code execution on the target system by sending malicious ZIP files to specific server endpoints. This can be done either through use of a single command or by uploading a web shell.
References
|
| CVE-2025-31324 | SAP NetWeaver Unrestricted File Upload Vulnerability | exploitation_technique | T1505.003 | Web Shell |
Comments
Attackers have exploited this SAP vulnerability to achieve remote code execution on the target system by sending malicious ZIP files to specific server endpoints. This can be done either through use of a single command or by uploading a web shell.
References
|
| CVE-2025-31324 | SAP NetWeaver Unrestricted File Upload Vulnerability | primary_impact | T1059 | Command and Scripting Interpreter |
Comments
Attackers have exploited this SAP vulnerability to achieve remote code execution on the target system by sending malicious ZIP files to specific server endpoints. This can be done either through use of a single command or by uploading a web shell.
References
|
| CVE-2025-31324 | SAP NetWeaver Unrestricted File Upload Vulnerability | secondary_impact | T1602 | Data from Configuration Repository |
Comments
Attackers have exploited this SAP vulnerability to achieve remote code execution on the target system by sending malicious ZIP files to specific server endpoints. This can be done either through use of a single command or by uploading a web shell.
References
|