CVE-2024-7399

🗓️ 09 Aug 2024 04:43:29Reported by samsung.tv_applianceType

cve🔗 web.nvd.nist.gov📰️ 16 Media mentions👁 188 Views

Improper directory limitation allows writing arbitrary file

Reporter	Title	Published	Views	Family All 19
Circl	CVE-2024-7399	5 May 202519:18	–	circl
CISA KEV Catalog	Samsung MagicINFO 9 Server Path Traversal Vulnerability	24 Apr 202600:00	–	cisa_kev
CISA	CISA Adds Four Known Exploited Vulnerabilities to Catalog	24 Apr 202612:00	–	cisa
CNVD	SAMSUNG MagicINFO 9 Server path traversal vulnerability (CNVD-2025-20807)	16 Aug 202400:00	–	cnvd
Cvelist	CVE-2024-7399	9 Aug 202404:43	–	cvelist
GithubExploit	Exploit for Path Traversal in Samsung Magicinfo_9_Server	30 May 202515:42	–	githubexploit
Metasploit	Samsung MagicINFO 9 Server Remote Code Execution (CVE-2024-7399)	19 May 202518:55	–	metasploit
Nuclei	Samsung MagicINFO 9 Server 21.1050.0 - Remote Code Execution	5 Jun 202603:02	–	nuclei
NVD	CVE-2024-7399	12 Aug 202413:38	–	nvd
Packet Storm	📄 Samsung MagicINFO 9 Server Remote Code Execution	19 May 202500:00	–	packetstorm

NVD

Node

samsung magicinfo_9_serverRange<21.1050.0

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Windows"
    ],
    "product": "MagicINFO 9 Server",
    "vendor": "Samsung Electronics",
    "versions": [
      {
        "lessThan": "21.1050",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
security	www.security.samsungtv.com/securityUpdates
arcticwolf	www.arcticwolf.com/resources/blog-uk/arctic-wolf-observes-exploitation-of-path-traversal-vulnerability-in-samsung-magicinfo-9-server-cve-2024-7399/
cisa	www.cisa.gov/known-exploited-vulnerabilities-catalog

24 Apr 2026 20:23Current

7High risk

Vulners AI Score7

CVSS 3.18.8 - 9.8

EPSS0.70713

SSVC

samsung magicinfo directory limitation arbitrary file system authority vulnerability