[ERPSCAN-16-032] SAP Telnet Console – Directory traversal vulnerability

Application: SAP NetWeaver AS JAVA
Versions Affected: SAP NetWeaver AS JAVA 7.4
Vendor URL: SAP
Bugs: Directory traversal
Reported: 04.12.2015
Vendor response: 05.12.2015
Date of Public Advisory: 08.08.2016
Reference: SAP Security Note 2280371
Author: Mathieu GELI (ERPScan)


A user authenticated to the Telnet service can disclose files outside of the JVM.

Business risk

An attacker can use a directory traversal vulnerability to access arbitrary files and directories on an SAP server filesystem, including application source code, configuration and system files. This allows the attacker to obtain critical technical and business-related information stored in a vulnerable SAP system.