SAP NetWeaver 7.0 DiagTraceHex() Function Remote Code Execution and Denial of Service Vulnerability

SAP NetWeaver 7.0 DiagTraceHex() Function Remote Code Execution and Denial of Service Vulnerability

CVE-2011-1517 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

SAP NetWeaver 7.0 allows Remote Code Execution and Denial of Service caused by an error in the DiagTraceHex() function. By sending a specially-crafted packet, an attacker could exploit this vulnerability to cause the application to crash.

Learn more about our Web Application Penetration Testing UK.