Lucene search
K

285 matches found

Vulnrichment
Vulnrichment
added 2025/07/23 5:32 a.m.6 views

CVE-2025-54446

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Samsung Electronics MagicINFO 9 Server allows Upload a Web Shell to a Web Server.This issue affects MagicINFO 9 Server: less than 21.1080.0...

9.8CVSS6.4AI score0.00616EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/07/23 5:32 a.m.8 views

CVE-2025-54446

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Samsung Electronics MagicINFO 9 Server allows Upload a Web Shell to a Web Server.This issue affects MagicINFO 9 Server: less than 21.1080.0...

9.8CVSS0.00616EPSS
Exploits0References1
CVE
CVE
added 2025/07/23 5:32 a.m.20 views

CVE-2025-54446

Samsung MagicINFO 9 Server is affected by a path traversal vulnerability that allows uploading a web shell. The issue stems from improper validation in the ResponseUploadActivity/upload handling, enabling remote code execution in the context of SYSTEM. Affected products: MagicINFO 9 Server versio...

9.8CVSS7.1AI score0.00616EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2025/07/23 5:32 a.m.2 views

CVE-2025-54446

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Samsung Electronics MagicINFO 9 Server allows Upload a Web Shell to a Web Server.This issue affects MagicINFO 9 Server: less than 21.1080.0...

9.8CVSS5.8AI score0.00616EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/07/23 5:31 a.m.10 views

CVE-2025-54445

Improper Restriction of XML External Entity Reference vulnerability in Samsung Electronics MagicINFO 9 Server allows Server Side Request Forgery.This issue affects MagicINFO 9 Server: less than 21.1080.0...

8.2CVSS0.09221EPSS
Exploits0References1
CVE
CVE
added 2025/07/23 5:31 a.m.20 views

CVE-2025-54445

Samsung MagicINFO 9 Server is affected by CVE-2025-54445: an improper restriction of XML External Entity (XXE) references leading to Server-Side Request Forgery and potential information disclosure. Affected versions are MagicINFO 9 Server older than 21.1080.0. Public advisories describe exploita...

9.8CVSS7.2AI score0.09221EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/07/23 5:31 a.m.4 views

CVE-2025-54445

Improper Restriction of XML External Entity Reference vulnerability in Samsung Electronics MagicINFO 9 Server allows Server Side Request Forgery.This issue affects MagicINFO 9 Server: less than 21.1080.0...

8.2CVSS6.5AI score0.09221EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/07/23 5:31 a.m.7 views

CVE-2025-54448

Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0...

9.8CVSS0.00597EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/07/23 5:31 a.m.6 views

CVE-2025-54448

Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0...

9.8CVSS6.6AI score0.00597EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2025/07/23 5:31 a.m.2 views

CVE-2025-54448

Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0...

9.8CVSS5.8AI score0.00597EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2025/07/23 5:31 a.m.25 views

CVE-2025-54448

CVE-2025-54448 affects Samsung Electronics MagicINFO 9 Server. The vulnerability is an unrestricted upload of files with dangerous types in MagicINFO 9 Server, enabling code injection. Technical details across sources indicate affected software is MagicINFO 9 Server, with versions prior to 21.108...

9.8CVSS7.3AI score0.00597EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/07/23 5:30 a.m.3 views

CVE-2025-54453

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0...

8.8CVSS6.5AI score0.00638EPSS
Exploits0References1
CVE
CVE
added 2025/07/23 5:30 a.m.20 views

CVE-2025-54453

Samsung MagicINFO 9 Server is affected by CVE-2025-54453 due to a path traversal vulnerability that can lead to code injection/execution in versions prior to 21.1080.0. Public advisories (ZDI-25-669, PT-2025-30541, CNVD, CNVD-2025-20071) describe remote code execution via directory traversal, wit...

9.8CVSS7.2AI score0.00638EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/07/23 5:30 a.m.11 views

CVE-2025-54453

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0...

8.8CVSS0.00638EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2025/07/23 5:30 a.m.2 views

CVE-2025-54453

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0...

9.8CVSS5.8AI score0.00638EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/07/23 5:29 a.m.3 views

CVE-2025-54452

Improper Authentication vulnerability in Samsung Electronics MagicINFO 9 Server allows Authentication Bypass.This issue affects MagicINFO 9 Server: less than 21.1080.0...

7.3CVSS6.6AI score0.00389EPSS
Exploits0References1
CVE
CVE
added 2025/07/23 5:29 a.m.20 views

CVE-2025-54452

Samsung MagicINFO 9 Server is affected by an improper authentication vulnerability that allows authentication bypass, specifically in the ServletAuthenticationProcessingFilter component. Affected versions are MagicINFO 9 Server prior to 21.1080.0. The issue has been discussed in multiple sources ...

9.8CVSS7.2AI score0.00389EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/07/23 5:29 a.m.6 views

CVE-2025-54452

Improper Authentication vulnerability in Samsung Electronics MagicINFO 9 Server allows Authentication Bypass.This issue affects MagicINFO 9 Server: less than 21.1080.0...

7.3CVSS0.00389EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2025/07/23 5:29 a.m.2 views

CVE-2025-54451

Improper Control of Generation of Code 'Code Injection' vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0...

9.8CVSS5.8AI score0.00645EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/07/23 5:29 a.m.3 views

CVE-2025-54451

Improper Control of Generation of Code 'Code Injection' vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0...

9.8CVSS6.6AI score0.00645EPSS
Exploits0References1
Rows per page
Query Builder