285 matches found
CVE-2025-54446
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Samsung Electronics MagicINFO 9 Server allows Upload a Web Shell to a Web Server.This issue affects MagicINFO 9 Server: less than 21.1080.0...
CVE-2025-54446
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Samsung Electronics MagicINFO 9 Server allows Upload a Web Shell to a Web Server.This issue affects MagicINFO 9 Server: less than 21.1080.0...
CVE-2025-54446
Samsung MagicINFO 9 Server is affected by a path traversal vulnerability that allows uploading a web shell. The issue stems from improper validation in the ResponseUploadActivity/upload handling, enabling remote code execution in the context of SYSTEM. Affected products: MagicINFO 9 Server versio...
CVE-2025-54446
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Samsung Electronics MagicINFO 9 Server allows Upload a Web Shell to a Web Server.This issue affects MagicINFO 9 Server: less than 21.1080.0...
CVE-2025-54445
Improper Restriction of XML External Entity Reference vulnerability in Samsung Electronics MagicINFO 9 Server allows Server Side Request Forgery.This issue affects MagicINFO 9 Server: less than 21.1080.0...
CVE-2025-54445
Samsung MagicINFO 9 Server is affected by CVE-2025-54445: an improper restriction of XML External Entity (XXE) references leading to Server-Side Request Forgery and potential information disclosure. Affected versions are MagicINFO 9 Server older than 21.1080.0. Public advisories describe exploita...
CVE-2025-54445
Improper Restriction of XML External Entity Reference vulnerability in Samsung Electronics MagicINFO 9 Server allows Server Side Request Forgery.This issue affects MagicINFO 9 Server: less than 21.1080.0...
CVE-2025-54448
Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0...
CVE-2025-54448
Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0...
CVE-2025-54448
Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0...
CVE-2025-54448
CVE-2025-54448 affects Samsung Electronics MagicINFO 9 Server. The vulnerability is an unrestricted upload of files with dangerous types in MagicINFO 9 Server, enabling code injection. Technical details across sources indicate affected software is MagicINFO 9 Server, with versions prior to 21.108...
CVE-2025-54453
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0...
CVE-2025-54453
Samsung MagicINFO 9 Server is affected by CVE-2025-54453 due to a path traversal vulnerability that can lead to code injection/execution in versions prior to 21.1080.0. Public advisories (ZDI-25-669, PT-2025-30541, CNVD, CNVD-2025-20071) describe remote code execution via directory traversal, wit...
CVE-2025-54453
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0...
CVE-2025-54453
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0...
CVE-2025-54452
Improper Authentication vulnerability in Samsung Electronics MagicINFO 9 Server allows Authentication Bypass.This issue affects MagicINFO 9 Server: less than 21.1080.0...
CVE-2025-54452
Samsung MagicINFO 9 Server is affected by an improper authentication vulnerability that allows authentication bypass, specifically in the ServletAuthenticationProcessingFilter component. Affected versions are MagicINFO 9 Server prior to 21.1080.0. The issue has been discussed in multiple sources ...
CVE-2025-54452
Improper Authentication vulnerability in Samsung Electronics MagicINFO 9 Server allows Authentication Bypass.This issue affects MagicINFO 9 Server: less than 21.1080.0...
CVE-2025-54451
Improper Control of Generation of Code 'Code Injection' vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0...
CVE-2025-54451
Improper Control of Generation of Code 'Code Injection' vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0...