285 matches found
CVE-2024-7399
Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1050 allows attackers to write arbitrary file as system authority...
CVE-2024-7399
Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1050 allows attackers to write arbitrary file as system authority...
CVE-2024-7399
Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1050 allows attackers to write arbitrary file as system authority...
CVE-2024-7399
CVE-2024-7399 affects Samsung MagicINFO 9 Server prior to 21.1050. A path-traversal flaw in the SWUpdateFileUploader servlet allows writing arbitrary JSP files with SYSTEM privileges, enabling remote code execution (RCE) and full server compromise. Exploitation is reported as unauthenticated via ...
PT-2024-38323
Name of the Vulnerable Software and Affected Versions Samsung MagicINFO 9 Server versions prior to 21.1050 Description An improper limitation of a pathname to a restricted directory allows unauthenticated remote attackers to write arbitrary files with system authority. This issue is linked to the...