PULSE
LIVE22signals / 24h
FEED
ransominterlock reclama a Centre for Newcomers · CA · Public Sectorransominterlock reclama a Paragon Store Fixtures · US · Manufacturingransomakira reclama a Westcoast Communication Services · Telecommunicationransomakira reclama a Nesco Bus Maintenance · Transportation/Logisticsransomm3rx reclama a suppcentersa.com · ZA · Business Servicesransomm3rx reclama a arambol.co.uk · GB · Not Foundransomincransom reclama a Kyokuto Kaihatsu Kogyo · JP · Manufacturingransomnova reclama a Phi · Not Foundransomnova reclama a Digipro · Technologyransomnova reclama a Integrated Marketing Services · Business Servicesransomkrybit reclama a eitzchaim.com · IL · Not Foundransomkrybit reclama a formasuniversales.com · MX · Business Servicesransomkrybit reclama a rehabmalaysia.com · MY · Healthcareransomkrybit reclama a www.lagus.cz · CZ · Business Servicesransominterlock reclama a Centre for Newcomers · CA · Public Sectorransominterlock reclama a Paragon Store Fixtures · US · Manufacturingransomakira reclama a Westcoast Communication Services · Telecommunicationransomakira reclama a Nesco Bus Maintenance · Transportation/Logisticsransomm3rx reclama a suppcentersa.com · ZA · Business Servicesransomm3rx reclama a arambol.co.uk · GB · Not Foundransomincransom reclama a Kyokuto Kaihatsu Kogyo · JP · Manufacturingransomnova reclama a Phi · Not Foundransomnova reclama a Digipro · Technologyransomnova reclama a Integrated Marketing Services · Business Servicesransomkrybit reclama a eitzchaim.com · IL · Not Foundransomkrybit reclama a formasuniversales.com · MX · Business Servicesransomkrybit reclama a rehabmalaysia.com · MY · Healthcareransomkrybit reclama a www.lagus.cz · CZ · Business Services
← All CVEs
CVE Watch

CVE-2010-5326

SAP NetWeaver Remote Code Execution Vulnerability

CVSS

No CVSS

EPSS

17.4%

p97

KEV

YES

Nov 3, 2021

Exploit Today

79

0-100

Published: · Last modified:

EPSS · 30d
17.4%EPSS · 30 days17.4%
2026-06-302026-07-16
KEV catalog record

Product

SAP / NetWeaver

Vulnerability

SAP NetWeaver Remote Code Execution Vulnerability

Added to KEV

Nov 3, 2021

Remediate by

May 3, 2022

Known ransomware use

No

Summary description

SAP NetWeaver Application Server Java Platforms Invoker Servlet does not require authentication, allowing for remote code execution via a HTTP or HTTPS request.

Required action

Apply updates per vendor instructions.

Notes

https://nvd.nist.gov/vuln/detail/CVE-2010-5326

Related CVEs
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2025-31324
99.9%
KEV80SAP NetWeaver Unrestricted File Upload Vulnerability
CVE-2017-12637
99.8%
KEV80SAP NetWeaver Directory Traversal Vulnerability
CVE-2020-6287
99.8%
KEV80SAP NetWeaver Missing Authentication for Critical Function Vulnerability
CVE-2016-2386
99.3%
KEV80SAP NetWeaver SQL Injection Vulnerability
CVE-2016-2388
98.8%
KEV80SAP NetWeaver Information Disclosure Vulnerability
CVE-2016-3976
98.7%
KEV80SAP NetWeaver Directory Traversal Vulnerability