Lucene search
K

94 matches found

Positive Technologies
Positive Technologies
added 2025/07/23 12:0 a.m.5 views

PT-2025-30535 · Samsung · Magicinfo 9 Server

Name of the Vulnerable Software and Affected Versions: MagicINFO 9 Server versions prior to 21.1080.0 Description: A flaw exists in Samsung Electronics MagicINFO 9 Server that allows code injection through the unrestricted upload of files with dangerous types. Recommendations: Update MagicINFO 9...

9.8CVSS6.7AI score0.00464EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/07/23 12:0 a.m.3 views

PT-2025-30541 · Samsung · Magicinfo 9 Server

Name of the Vulnerable Software and Affected Versions: MagicINFO 9 Server versions prior to 21.1080.0 Description: A path traversal vulnerability exists in Samsung Electronics MagicINFO 9 Server, potentially leading to code injection. This issue is due to improper limitation of a pathname to a...

9.8CVSS6.7AI score0.00638EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2025/07/23 12:0 a.m.3 views

PT-2025-30540 · Samsung · Magicinfo 9 Server

Name of the Vulnerable Software and Affected Versions: MagicINFO 9 Server versions prior to 21.1080.0 Description: An improper authentication issue exists in MagicINFO 9 Server, allowing authentication bypass. Recommendations: Update MagicINFO 9 Server to version 21.1080.0 or later...

9.8CVSS6.6AI score0.00389EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/07/23 12:0 a.m.8 views

PT-2025-30536 · Samsung · Magicinfo 9 Server

Name of the Vulnerable Software and Affected Versions: MagicINFO 9 Server versions prior to 21.1080.0 Description: A flaw exists in Samsung Electronics MagicINFO 9 Server that allows code injection through the unrestricted upload of files with dangerous types. Recommendations: Update MagicINFO 9...

9.8CVSS6.7AI score0.00597EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/07/23 12:0 a.m.7 views

PT-2025-30533 · Samsung · Magicinfo 9 Server

Name of the Vulnerable Software and Affected Versions: MagicINFO 9 Server versions prior to 21.1080.0 Description: The software contains an Improper Restriction of XML External Entity Reference vulnerability that allows Server Side Request Forgery. Recommendations: Update MagicINFO 9 Server to...

9.8CVSS6.4AI score0.09221EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2025/07/23 12:0 a.m.5 views

PT-2025-30531 · Samsung · Magicinfo 9 Server

Name of the Vulnerable Software and Affected Versions: MagicINFO 9 Server versions prior to 21.1080.0 Description: A path traversal vulnerability exists in Samsung Electronics MagicINFO 9 Server. This issue allows for the upload of a web shell to a web server. Recommendations: Update MagicINFO 9...

9.8CVSS6.4AI score0.00575EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2025/07/23 12:0 a.m.9 views

PT-2025-30529 · Samsung · Magicinfo 9 Server

Name of the Vulnerable Software and Affected Versions: MagicINFO 9 Server versions prior to 21.1080.0 Description: An unrestricted file upload of dangerous file types in Samsung Electronics MagicINFO 9 Server allows for code injection. Recommendations: MagicINFO 9 Server versions prior to...

8.8CVSS6.7AI score0.07388EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2025/07/23 12:0 a.m.10 views

PT-2025-30527 · Samsung · Magicinfo 9 Server

Name of the Vulnerable Software and Affected Versions: MagicINFO 9 Server versions prior to 21.1080.0 Description: An unrestricted file upload issue with dangerous file types exists in Samsung Electronics MagicINFO 9 Server, potentially leading to code injection. Recommendations: Update MagicINFO...

8.8CVSS6.6AI score0.06862EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2025/07/23 12:0 a.m.5 views

PT-2025-30534 · Samsung · Magicinfo 9 Server

Name of the Vulnerable Software and Affected Versions: MagicINFO 9 Server versions prior to 21.1080.0 Description: A path traversal vulnerability exists in Samsung Electronics MagicINFO 9 Server. This issue allows for the upload of a web shell to a web server. Recommendations: Update MagicINFO 9...

9.8CVSS6.4AI score0.00616EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/07/23 12:0 a.m.7 views

PT-2025-30539 · Samsung · Magicinfo 9 Server

Name of the Vulnerable Software and Affected Versions: MagicINFO 9 Server versions prior to 21.1080.0 Description: An improper control of generation of code 'Code Injection' vulnerability exists in MagicINFO 9 Server. This issue allows code injection. Recommendations: Update MagicINFO 9 Server to...

9.8CVSS6.5AI score0.00645EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/07/23 12:0 a.m.8 views

PT-2025-30526 · Samsung · Magicinfo 9 Server

Name of the Vulnerable Software and Affected Versions: MagicINFO 9 Server versions prior to 21.1080.0 Description: A path traversal issue exists in Samsung Electronics MagicINFO 9 Server, potentially allowing an attacker to upload a web shell to a web server. Recommendations: Update MagicINFO 9...

9.8CVSS6.4AI score0.00611EPSS
Exploits0References8
CNVD
CNVD
added 2025/05/28 12:0 a.m.7 views

Samsung MagicINFO 9 Server Path Traversal Vulnerability

Samsung MagicINFO 9 Server is a core component of the MagicINFO solution and is responsible for content management and scheduling functions. A path traversal vulnerability exists in Samsung MagicINFO 9 Server, which stems from an improperly restricted pathname, and can be exploited by an attacker...

9.8CVSS7.2AI score0.23953EPSS
Exploits4References1
CISA KEV Catalog
CISA KEV Catalog
added 2025/05/22 12:0 a.m.28 views

Samsung MagicINFO 9 Server Path Traversal Vulnerability

Samsung MagicINFO 9 Server contains a path traversal vulnerability that allows an attacker to write arbitrary file as system authority...

9.8CVSS9.6AI score0.23953EPSS
In wildExploits4
The Hacker News
The Hacker News
added 2025/05/14 5:57 p.m.52 views

Samsung Patches CVE-2025-4632 Used to Deploy Mirai Botnet via MagicINFO 9 Exploit

Samsung has released software updates to address a critical security flaw in MagicINFO 9 Server that has been actively exploited in the wild. The vulnerability, tracked as CVE-2025-4632 CVSS score: 9.8, has been described as a path traversal flaw. "Improper limitation of a pathname to a restricte...

9.8CVSS9.5AI score0.91941EPSS
Exploits7
Rows per page
Query Builder