Execute potentially dangerous commands in Visual Admin, SAP security note 1550224

Description

The Visual Administrator tool contains a vulnerability through which a malicious user can potentially execute arbitrary programs on the server where the tool runs

Available fix and Supported packages

SAP-JEE | 6.40 | 6.40
SAP-JEE | 7.00 | 7.02
SAP-JEECOR | 7.00 | 7.00
SAP-JEECOR | 6.40 | 6.40
SAP-JEECOR | 7.01 | 7.02
CORE-TOOLS | 7.00 | 7.02
J2EE ENGINE CORE TOOLS 7.00 | SP024 | 000000
J2EE ENGINE CORE TOOLS 7.00 | SP025 | 000000
J2EE ENGINE CORE TOOLS 7.01 | SP009 | 000000
J2EE ENGINE CORE TOOLS 7.02 | SP008 | 000000
SAP J2EE ENGINE 6.40 | SP028 | 000000
SAP J2EE ENGINE 7.00 | SP025 | 000000
SAP J2EE ENGINE 7.01 | SP009 | 000000
SAP J2EE ENGINE 7.02 | SP008 | 000000
SAP J2EE ENGINE CORE 6.40 | SP028 | 000000
SAP J2EE ENGINE CORE 7.00 | SP024 | 000000
SAP J2EE ENGINE CORE 7.01 | SP009 | 000000
SAP J2EE ENGINE CORE 7.02 | SP008 | 000000

Affected component

CVSS

Score: 0

PoC

Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.

URL

https://launchpad.support.sap.com/#/notes/1550224

Vahagn Vardanian

Execute potentially dangerous commands in Visual Admin, SAP security note 1550224

Description

Available fix and Supported packages

Affected component

CVSS

PoC

URL

TAGS

#Visual-Admin
#tampering

Explore More

SAP Security Patch Day June 2026

RedRays ABAP Security Challenge 2026

SAP Security Patch Day – May 2026

SAP npm Packages Hijacked to Steal Cloud Credentials and Weaponize AI Coding Agents

Vahagn Vardanian

Execute potentially dangerous commands in Visual Admin, SAP security note 1550224

Description

Available fix and Supported packages

Affected component

CVSS

PoC

URL

TAGS

#Visual-Admin#tampering

Explore More

SAP Security Patch Day June 2026

RedRays ABAP Security Challenge 2026

SAP Security Patch Day – May 2026

SAP npm Packages Hijacked to Steal Cloud Credentials and Weaponize AI Coding Agents

#Visual-Admin
#tampering