This security bulletin contains one medium risk vulnerability.
Exploit availability: YesDescription
The vulnerability allows a remote user to compromise vulnerable system.
The vulnerability exists due to insufficient validation of file during file upload within the Visual Composer 7.0 RT in SAP NetWeaver. A remote user can upload a malicious file and execute it on the server.Mitigation
Install updates from vendor's website.Vulnerable software versions
SAP NetWeaver: 7.30 - 7.50
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?