Lucene search
K

285 matches found

Positive Technologies
Positive Technologies
added 2025/07/23 12:0 a.m.6 views

PT-2025-30529 · Samsung · Magicinfo 9 Server

Name of the Vulnerable Software and Affected Versions: MagicINFO 9 Server versions prior to 21.1080.0 Description: An unrestricted file upload of dangerous file types in Samsung Electronics MagicINFO 9 Server allows for code injection. Recommendations: MagicINFO 9 Server versions prior to...

8.8CVSS6.7AI score0.07388EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2025/07/23 12:0 a.m.3 views

PT-2025-30542 · Samsung · Magicinfo 9 Server

Name of the Vulnerable Software and Affected Versions: MagicINFO 9 Server versions prior to 21.1080.0 Description: A use of hard-coded credentials issue exists in Samsung Electronics MagicINFO 9 Server, allowing authentication bypass. Recommendations: Update MagicINFO 9 Server to version 21.1080....

9.8CVSS6.6AI score0.00543EPSS
Exploits0References7
CNNVD
CNNVD
added 2025/07/23 12:0 a.m.3 views

SAMSUNG MagicINFO 9 Server 安全漏洞

SAMSUNG MagicINFO 9 Server is an enterprise-class digital signage content management and device monitoring platform from Samsung Korea. A security vulnerability exists in SAMSUNG MagicINFO 9 Server, which stems from the use of hard-coded credentials, and can be exploited by an attacker to cause...

9.8CVSS6.8AI score0.00554EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/07/23 12:0 a.m.5 views

PT-2025-30536 · Samsung · Magicinfo 9 Server

Name of the Vulnerable Software and Affected Versions: MagicINFO 9 Server versions prior to 21.1080.0 Description: A flaw exists in Samsung Electronics MagicINFO 9 Server that allows code injection through the unrestricted upload of files with dangerous types. Recommendations: Update MagicINFO 9...

9.8CVSS6.7AI score0.00597EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/07/23 12:0 a.m.5 views

PT-2025-30531 · Samsung · Magicinfo 9 Server

Name of the Vulnerable Software and Affected Versions: MagicINFO 9 Server versions prior to 21.1080.0 Description: A path traversal vulnerability exists in Samsung Electronics MagicINFO 9 Server. This issue allows for the upload of a web shell to a web server. Recommendations: Update MagicINFO 9...

9.8CVSS6.4AI score0.00575EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2025/07/23 12:0 a.m.4 views

PT-2025-30543 · Samsung · Magicinfo 9 Server

Name of the Vulnerable Software and Affected Versions: MagicINFO 9 Server versions prior to 21.1080.0 Description: A use of hard-coded credentials issue exists in Samsung Electronics MagicINFO 9 Server, allowing authentication bypass. Recommendations: Update MagicINFO 9 Server to version 21.1080....

9.8CVSS6.6AI score0.00554EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2025/07/23 12:0 a.m.4 views

PT-2025-30530 · Samsung · Magicinfo 9 Server

Name of the Vulnerable Software and Affected Versions: MagicINFO 9 Server versions prior to 21.1080.0 Description: A flaw exists in Samsung Electronics MagicINFO 9 Server that allows code injection through the unrestricted upload of files with dangerous types. Recommendations: Update MagicINFO 9...

9.8CVSS6.7AI score0.00473EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2025/07/23 12:0 a.m.3 views

PT-2025-30540 · Samsung · Magicinfo 9 Server

Name of the Vulnerable Software and Affected Versions: MagicINFO 9 Server versions prior to 21.1080.0 Description: An improper authentication issue exists in MagicINFO 9 Server, allowing authentication bypass. Recommendations: Update MagicINFO 9 Server to version 21.1080.0 or later...

9.8CVSS6.6AI score0.00389EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/07/23 12:0 a.m.4 views

PT-2025-30539 · Samsung · Magicinfo 9 Server

Name of the Vulnerable Software and Affected Versions: MagicINFO 9 Server versions prior to 21.1080.0 Description: An improper control of generation of code 'Code Injection' vulnerability exists in MagicINFO 9 Server. This issue allows code injection. Recommendations: Update MagicINFO 9 Server to...

9.8CVSS6.5AI score0.00645EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/07/23 12:0 a.m.14 views

SAMSUNG MagicINFO 9 Server 安全漏洞

SAMSUNG MagicINFO 9 Server is an enterprise-class digital signage content management and device monitoring platform from Samsung Korea. SAMSUNG MagicINFO 9 Server suffers from a path traversal vulnerability that stems from an improper restriction of restricted directory pathnames. An attacker cou...

9.8CVSS7.6AI score0.00611EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/07/23 12:0 a.m.5 views

SAMSUNG MagicINFO 9 Server 安全漏洞

SAMSUNG MagicINFO 9 Server is an enterprise-class digital signage content management and device monitoring platform from Samsung Korea. A security bypass vulnerability exists in SAMSUNG MagicINFO 9 Server, which can be exploited by attackers to cause authentication bypass...

9.8CVSS6.8AI score0.00389EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/07/23 12:0 a.m.15 views

SAMSUNG MagicINFO 9 Server 安全漏洞

SAMSUNG MagicINFO 9 Server is an enterprise-class digital signage content management and device monitoring platform from Samsung Korea. SAMSUNG MagicINFO 9 Server suffers from a path traversal vulnerability that can be exploited by an attacker to execute arbitrary code on the system...

9.8CVSS7.6AI score0.00638EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/07/23 12:0 a.m.6 views

PT-2025-30527 · Samsung · Magicinfo 9 Server

Name of the Vulnerable Software and Affected Versions: MagicINFO 9 Server versions prior to 21.1080.0 Description: An unrestricted file upload issue with dangerous file types exists in Samsung Electronics MagicINFO 9 Server, potentially leading to code injection. Recommendations: Update MagicINFO...

8.8CVSS6.6AI score0.06862EPSS
Exploits0References7
CNNVD
CNNVD
added 2025/07/23 12:0 a.m.6 views

SAMSUNG MagicINFO 9 Server 安全漏洞

SAMSUNG MagicINFO 9 Server is an enterprise-class digital signage content management and device monitoring platform from Samsung Korea. SAMSUNG MagicINFO 9 Server suffers from a file upload vulnerability that originates from allowing the upload of dangerous types of files, which can be exploited ...

9.8CVSS7.7AI score0.00464EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2025/06/04 4:14 p.m.91 views

Exploit for Path Traversal in Samsung Magicinfo_9_Server

CVE-20...

9.8CVSS7.4AI score0.23953EPSS
Exploits4
GithubExploit
GithubExploit
added 2025/05/30 3:42 p.m.333 views

Exploit for Path Traversal in Samsung Magicinfo_9_Server

It is an offensive tool for web exploitation. This PoC exploit t...

8.8CVSS9.8AI score0.91941EPSS
Exploits3
CNVD
CNVD
added 2025/05/28 12:0 a.m.6 views

Samsung MagicINFO 9 Server Path Traversal Vulnerability

Samsung MagicINFO 9 Server is a core component of the MagicINFO solution and is responsible for content management and scheduling functions. A path traversal vulnerability exists in Samsung MagicINFO 9 Server, which stems from an improperly restricted pathname, and can be exploited by an attacker...

9.8CVSS7.2AI score0.23953EPSS
Exploits4References1
BDU FSTEC
BDU FSTEC
added 2025/05/26 12:0 a.m.6 views

The vulnerability of the HttpServletRequest.getParameter() function in the centralized multimedia content management system MagicINFO 9 allows a hacker to execute arbitrary code.

The vulnerability of the HttpServletRequest.getParameter function in the MagicINFO 9 centralized multimedia content management system is related to the improper creation of a file system path by combining a permanent directory, a temporary marker, and the fileName parameter. Exploiting this...

9CVSS8.5AI score0.91941EPSS
Exploits3References9Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/05/26 12:0 a.m.10 views

The vulnerability of the MagicINFO 9 centralized multimedia content management system lies in the improper restriction on the path name to the restricted catalog. This allows a malicious actor to gain access and add arbitrary files.

The vulnerability of the MagicINFO 9 multi-media content centralized management system is related to an incorrect restriction on the path name to the restricted catalog. Exploiting this vulnerability could allow a malicious actor to gain access and add arbitrary files...

10CVSS8.2AI score0.23953EPSS
Exploits4References5Affected Software1
Saint
Saint
added 2025/05/23 12:0 a.m.110 views

MagicINFO SWUpdateFileUploader remote command execution

Added: 05/23/2025 CVE: CVE-2025-4632 Background MagicINFO is digital signage software from Samsung. Problem A path traversal, unsafe file upload, and missing authentication vulnerability allows remote, unauthenticated attackers to upload arbitrary files to the server and then execute them using a...

9.8CVSS8AI score0.23953EPSS
Exploits4
Rows per page
Query Builder