cve/2017/CVE-2017-16682.md

### [CVE-2017-16682](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16682)
![](https://img.shields.io/static/v1?label=Product&message=SAP%20NetWeaver%20Internet%20Transaction%20Server%20(ITS)&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Code%20Injection&color=brighgreen)

### Description

SAP NetWeaver Internet Transaction Server (ITS), SAP Basis from 7.00 to 7.02, 7.30, 7.31, 7.40, from 7.50 to 7.52, allows an attacker with administrator credentials to inject code that can be executed by the application and thereby control the behavior of the application.

### POC

#### Reference
- https://blogs.sap.com/2017/12/12/sap-security-patch-day-december-2017/

#### Github
No PoCs found on GitHub currently.
Update CVE sources 2024-06-09 00:33 2024-06-09 00:33:16 +00:00			`### [CVE-2017-16682](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16682)`
			`![](https://img.shields.io/static/v1?label=Product&message=SAP%20NetWeaver%20Internet%20Transaction%20Server%20(ITS)&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=Code%20Injection&color=brighgreen)`

			`### Description`

			`SAP NetWeaver Internet Transaction Server (ITS), SAP Basis from 7.00 to 7.02, 7.30, 7.31, 7.40, from 7.50 to 7.52, allows an attacker with administrator credentials to inject code that can be executed by the application and thereby control the behavior of the application.`

			`### POC`

			`#### Reference`
Removed duplicates 2024-06-18 02:51:15 +02:00			`- https://blogs.sap.com/2017/12/12/sap-security-patch-day-december-2017/`
Update CVE sources 2024-06-09 00:33 2024-06-09 00:33:16 +00:00
			`#### Github`
			`No PoCs found on GitHub currently.`