CVE-2026-0507
HIGH SEVERITYCVSS Score & Metrics
Base Score
8.4 / 10
Vector String
CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Vulnerability Description
Due to an OS Command Injection vulnerability in SAP Application Server for ABAP and SAP NetWeaver RFCSDK, an authenticated attacker with administrative access and adjacent network access could upload specially crafted content to the server. If processed by the application, this content enables execution of arbitrary operating system commands. Successful exploitation could lead to full compromise of the system�s confidentiality, integrity, and availability.
Vulnerability Details
Published Date
Last Modified
CWE ID
CWE-78
Source
NVD
Discussion (0)
Add Comment
No comments yet. Be the first!