Back to CVE List

CVE-2026-0507

HIGH SEVERITY

CVSS Score & Metrics

Base Score
8.4 / 10
Vector String
CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Vulnerability Description

Due to an OS Command Injection vulnerability in SAP Application Server for ABAP and SAP NetWeaver RFCSDK, an authenticated attacker with administrative access and adjacent network access could upload specially crafted content to the server. If processed by the application, this content enables execution of arbitrary operating system commands. Successful exploitation could lead to full compromise of the system�s confidentiality, integrity, and availability.

Vulnerability Details

Published Date
Last Modified
CWE ID
CWE-78
Source
NVD

External References

Discussion (0)

Add Comment

No comments yet. Be the first!