Yvan Genuer
Yvan Genuer is a Senior Offensive Security Researcher at Onapsis Research Labs. With over 20 years of experience in the SAP ecosystem, Yvan specializes in identifying and remediating deep-seated vulnerabilities within business-critical applications. He is a recognized expert in SAP offensive security and has received numerous official acknowledgments from SAP for his contributions to global cybersecurity and responsible vulnerability disclosure. As a key member of the Onapsis Research Labs team, Yvan’s work provides the foundational threat intelligence that powers the Onapsis platform and protects organizations from evolving cyber threats.
Research Discovery: Identification of CVE-2025-42937 (SAPSprint RCE)
Onapsis Research Labs has identified a remotely exploitable path traversal vulnerability within the SAP Print Protocol. This protocol, used to send print requests to the SAPSprint service, fails to properly sanitize one path. The exploit, which requires no authentication, and operating by default on target port 515, allows an attacker to upload arbitrary files to…
Critical Remediation Guide: Securing SAPSprint Against CVE-2025-42937
A critical vulnerability in the SAPSprint service allows unauthenticated remote attackers to execute arbitrary commands with SYSTEM privileges on Windows servers. Because this service often runs on default ports (515) without authentication, it represents a high-priority target for threat actors seeking an initial foothold in SAP environments. This guide provides a verified, step-by-step procedure to…