APT34 Abuses Port 8080 for Fake 404 Pages and Reuse SSH Keys – Active IOCs

April 24, 2025

Quasar RAT aka CinaRAT – Active IOCs

April 25, 2025

CVE-2025-31324 – SAP NetWeaver Vulnerability

April 25, 2025

Severity

High

Analysis Summary

CVE-2025-31324

SAP NetWeaver Visual Composer Metadata Uploader is not protected with a proper authorization, allowing unauthenticated agent to upload potentially malicious executable binaries that could severely harm the host system. This could significantly affect the confidentiality, integrity, and availability of the targeted system.

Impact

Gain Access

Indicators of Compromise

CVE

CVE-2025-31324

Affected Vendors

SAP

Affected Products

SAP NetWeaver Visual Composer Metadata Uploader

Remediation

Refer to SAP Website for patch, upgrade, or suggested workaround information. (Login Required)

SAP Website

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

SideWinder APT Group aka Rattlesnake Targeting Pakistan – Active IOCs

F5 BIG-IP Exploit Allows Attackers to Escape Admin Restrictions

Multiple F5 BIG-IP Products Vulnerabilities

Threat Insights

About Us

Our Leadership

CSR

Connect with Us