285 matches found
PT-2025-30529 · Samsung · Magicinfo 9 Server
Name of the Vulnerable Software and Affected Versions: MagicINFO 9 Server versions prior to 21.1080.0 Description: An unrestricted file upload of dangerous file types in Samsung Electronics MagicINFO 9 Server allows for code injection. Recommendations: MagicINFO 9 Server versions prior to...
PT-2025-30542 · Samsung · Magicinfo 9 Server
Name of the Vulnerable Software and Affected Versions: MagicINFO 9 Server versions prior to 21.1080.0 Description: A use of hard-coded credentials issue exists in Samsung Electronics MagicINFO 9 Server, allowing authentication bypass. Recommendations: Update MagicINFO 9 Server to version 21.1080....
SAMSUNG MagicINFO 9 Server 安全漏洞
SAMSUNG MagicINFO 9 Server is an enterprise-class digital signage content management and device monitoring platform from Samsung Korea. A security vulnerability exists in SAMSUNG MagicINFO 9 Server, which stems from the use of hard-coded credentials, and can be exploited by an attacker to cause...
PT-2025-30536 · Samsung · Magicinfo 9 Server
Name of the Vulnerable Software and Affected Versions: MagicINFO 9 Server versions prior to 21.1080.0 Description: A flaw exists in Samsung Electronics MagicINFO 9 Server that allows code injection through the unrestricted upload of files with dangerous types. Recommendations: Update MagicINFO 9...
PT-2025-30531 · Samsung · Magicinfo 9 Server
Name of the Vulnerable Software and Affected Versions: MagicINFO 9 Server versions prior to 21.1080.0 Description: A path traversal vulnerability exists in Samsung Electronics MagicINFO 9 Server. This issue allows for the upload of a web shell to a web server. Recommendations: Update MagicINFO 9...
PT-2025-30543 · Samsung · Magicinfo 9 Server
Name of the Vulnerable Software and Affected Versions: MagicINFO 9 Server versions prior to 21.1080.0 Description: A use of hard-coded credentials issue exists in Samsung Electronics MagicINFO 9 Server, allowing authentication bypass. Recommendations: Update MagicINFO 9 Server to version 21.1080....
PT-2025-30530 · Samsung · Magicinfo 9 Server
Name of the Vulnerable Software and Affected Versions: MagicINFO 9 Server versions prior to 21.1080.0 Description: A flaw exists in Samsung Electronics MagicINFO 9 Server that allows code injection through the unrestricted upload of files with dangerous types. Recommendations: Update MagicINFO 9...
PT-2025-30540 · Samsung · Magicinfo 9 Server
Name of the Vulnerable Software and Affected Versions: MagicINFO 9 Server versions prior to 21.1080.0 Description: An improper authentication issue exists in MagicINFO 9 Server, allowing authentication bypass. Recommendations: Update MagicINFO 9 Server to version 21.1080.0 or later...
PT-2025-30539 · Samsung · Magicinfo 9 Server
Name of the Vulnerable Software and Affected Versions: MagicINFO 9 Server versions prior to 21.1080.0 Description: An improper control of generation of code 'Code Injection' vulnerability exists in MagicINFO 9 Server. This issue allows code injection. Recommendations: Update MagicINFO 9 Server to...
SAMSUNG MagicINFO 9 Server 安全漏洞
SAMSUNG MagicINFO 9 Server is an enterprise-class digital signage content management and device monitoring platform from Samsung Korea. SAMSUNG MagicINFO 9 Server suffers from a path traversal vulnerability that stems from an improper restriction of restricted directory pathnames. An attacker cou...
SAMSUNG MagicINFO 9 Server 安全漏洞
SAMSUNG MagicINFO 9 Server is an enterprise-class digital signage content management and device monitoring platform from Samsung Korea. A security bypass vulnerability exists in SAMSUNG MagicINFO 9 Server, which can be exploited by attackers to cause authentication bypass...
SAMSUNG MagicINFO 9 Server 安全漏洞
SAMSUNG MagicINFO 9 Server is an enterprise-class digital signage content management and device monitoring platform from Samsung Korea. SAMSUNG MagicINFO 9 Server suffers from a path traversal vulnerability that can be exploited by an attacker to execute arbitrary code on the system...
PT-2025-30527 · Samsung · Magicinfo 9 Server
Name of the Vulnerable Software and Affected Versions: MagicINFO 9 Server versions prior to 21.1080.0 Description: An unrestricted file upload issue with dangerous file types exists in Samsung Electronics MagicINFO 9 Server, potentially leading to code injection. Recommendations: Update MagicINFO...
SAMSUNG MagicINFO 9 Server 安全漏洞
SAMSUNG MagicINFO 9 Server is an enterprise-class digital signage content management and device monitoring platform from Samsung Korea. SAMSUNG MagicINFO 9 Server suffers from a file upload vulnerability that originates from allowing the upload of dangerous types of files, which can be exploited ...
Exploit for Path Traversal in Samsung Magicinfo_9_Server
CVE-20...
Exploit for Path Traversal in Samsung Magicinfo_9_Server
It is an offensive tool for web exploitation. This PoC exploit t...
Samsung MagicINFO 9 Server Path Traversal Vulnerability
Samsung MagicINFO 9 Server is a core component of the MagicINFO solution and is responsible for content management and scheduling functions. A path traversal vulnerability exists in Samsung MagicINFO 9 Server, which stems from an improperly restricted pathname, and can be exploited by an attacker...
The vulnerability of the HttpServletRequest.getParameter() function in the centralized multimedia content management system MagicINFO 9 allows a hacker to execute arbitrary code.
The vulnerability of the HttpServletRequest.getParameter function in the MagicINFO 9 centralized multimedia content management system is related to the improper creation of a file system path by combining a permanent directory, a temporary marker, and the fileName parameter. Exploiting this...
The vulnerability of the MagicINFO 9 centralized multimedia content management system lies in the improper restriction on the path name to the restricted catalog. This allows a malicious actor to gain access and add arbitrary files.
The vulnerability of the MagicINFO 9 multi-media content centralized management system is related to an incorrect restriction on the path name to the restricted catalog. Exploiting this vulnerability could allow a malicious actor to gain access and add arbitrary files...
MagicINFO SWUpdateFileUploader remote command execution
Added: 05/23/2025 CVE: CVE-2025-4632 Background MagicINFO is digital signage software from Samsung. Problem A path traversal, unsafe file upload, and missing authentication vulnerability allows remote, unauthenticated attackers to upload arbitrary files to the server and then execute them using a...