Cybercrime

New Critical SAP NetWeaver Flaw Exploited to Drop Web Shell, Brute Ratel Framework


Threat actors are likely exploiting a new vulnerability in SAP NetWeaver to upload JSP web shells with the goal of facilitating unauthorized file uploads and code execution. 
“The exploitation is likely tied to either a previously disclosed vulnerability like CVE-2017-9844 or an unreported remote file inclusion (RFI) issue,” ReliaQuest said in a report published this week.
The cybersecurity

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button