HomeVulnerabilitiesCVE-2022-22536
Critical Risk Active Exploitation

CVE-2022-22536

SAP NetWeaver Application Server ABAP, SAP NetWeaver Application Server Java, ABAP Platform, SAP Content Server 7.53 and SAP Web Dispatcher are vulnerable for request smuggling and request concatenation. An unauthenticated attacker can prepend a victim's request with arbitrary data. This way, the attacker can execute functions impersonating the victim or poison intermediary Web caches. A successful attack could result in complete compromise of Confidentiality, Integrity and Availability of the system.

Share this vulnerability:
⚠️

Confirmed Active Exploitation

This vulnerability is listed in the CISA KEV Catalog. Federal agencies are mandated to patch immediately. Immediate remediation is required.

Exploitation Probability (EPSS)

Critical Priority
93.83%

The Exploit Prediction Scoring System (EPSS) uses machine learning to estimate the probability that a vulnerability will be exploited in the wild within the next 30 days.

0% (Theoretical)100% (Certainty)

7-Day Exploitation Trend

Vulnerability Timeline

2 events
Feb 9, 2022
Vulnerability Disclosed
Published to component-level vulnerability database.
Nov 3, 2025
Last Updated
Record updated with new analysis or tags.

Threat Actor Attribution

PREMIUM INTEL
Associated Groups:Lazarus Group, APT28
Ransomware Campaigns:LockBit 3.0, BlackCat
IoCs (Indicators):14 IPs, 3 Hashes

Remediation & Mitigation

SOLUTION

Official patches and mitigation steps are available for this vulnerability.

# Update Command
apt-get update && apt-get upgrade -y specific-package
# Verify installation
dpkg -l | grep package-name

Affected Products

26 Total
sap/content_server7.53
sap/netweaver_application_server_abap7.22
sap/netweaver_application_server_abap7.49
sap/netweaver_application_server_abap7.53
sap/netweaver_application_server_abap7.77

References

https://launchpad.support.sap.com/#/notes/3123396Sap
Permissions Required
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.htmlSap
Not ApplicableVendor AdvisoryBroken Link
https://launchpad.support.sap.com/#/notes/3123396Sap
Permissions Required
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.htmlSap
Not ApplicableVendor AdvisoryBroken Link

Am I Vulnerable?

Check your domain or package.json for CVE-2022-22536 exposure.

Share This Page

Help others discover this vulnerability information

Vulnerability Details

CVSS Base Score
10/ 10
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Published Date
Feb 9, 2022
Last Modified
Nov 3, 2025
Need API Access?

Integrate this data into your SOAR platform.

View Plans →
Need Manual Validation?

Automated scanners flag false positives. Get a manual pentest validation for this CVE.