CVE-2010-5326

SAP NetWeaver Remote Code Execution Vulnerability

SAP NetWeaver Application Server Java Platforms Invoker Servlet does not require authentication, allowing for remote code execution via a HTTP or HTTPS request. Vendor/Product: SAP NetWeaver. Added to CISA KEV 2021-11-03; required action: Apply updates per vendor instructions.

Category: Vulnerability, Known Exploited

Reference: NVD CVE-2010-5326