In recent days, major security companies such as ReliaQuest and Onapsis have disclosed the active exploitation of CVE-2025-31324, a critical vulnerability in SAP NetWeaver’s Visual Composer component. The vulnerability allows unauthenticated attackers to upload arbitrary files, particularly JSP webshells, via the vulnerable developmentserver / metadatauploader endpoint.
