{"id":71603,"date":"2025-10-14T04:45:32","date_gmt":"2025-10-14T01:15:32","guid":{"rendered":"https:\/\/afaghhosting.net\/blog\/cve-2025-42910-unrestricted-file-upload-vulnerability-in-sap-supplier-relationship-management\/"},"modified":"2025-10-14T04:45:32","modified_gmt":"2025-10-14T01:15:32","slug":"cve-2025-42910-unrestricted-file-upload-vulnerability-in-sap-supplier-relationship-management","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/cve-2025-42910-unrestricted-file-upload-vulnerability-in-sap-supplier-relationship-management\/","title":{"rendered":"CVE-2025-42910 &#8211; Unrestricted File Upload Vulnerability in SAP Supplier Relationship Management"},"content":{"rendered":"<p>CVE ID : CVE-2025-42910<\/p>\n<p>Published :  Oct. 14, 2025, 1:15 a.m. | 1\u00a0hour, 24\u00a0minutes ago<\/p>\n<p>Description : Due to missing verification of file type or content, SAP Supplier Relationship Management allows an authenticated attacker to upload arbitrary files. These files could include executables which might be downloaded and executed by the user which could host malware. On successful exploitation an attacker could cause high impact on confidentiality, integrity and availability of the application.<\/p>\n<p>Severity: 9.0 | CRITICAL<\/p>\n<p>Visit the link for more details, such as CVSS details, affected products, timeline, and more&#8230;\u00a0<\/p>\n","protected":false},"excerpt":{"rendered":"<p>CVE ID : CVE-2025-42910 Published : Oct. 14, 2025, 1:15 a.m. | 1\u00a0hour, 24\u00a0minutes ago Description : Due to missing verification of file type or content, SAP Supplier Relationship Management allows an authenticated attacker to upload arbitrary files. These files could include executables which might be downloaded and executed by the user which could host &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-71603","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/71603","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=71603"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/71603\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=71603"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=71603"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=71603"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}