Lucene search
K

7 matches found

Saint
Saint
added 2025/05/23 12:0 a.m.211 views

MagicINFO SWUpdateFileUploader remote command execution

Added: 05/23/2025 CVE: CVE-2025-4632 Background MagicINFO is digital signage software from Samsung. Problem A path traversal, unsafe file upload, and missing authentication vulnerability allows remote, unauthenticated attackers to upload arbitrary files to the server and then execute them using a...

9.8CVSS8.2AI score0.23953EPSS
Exploits4
RedhatCVE
RedhatCVE
added 2025/05/15 6:13 a.m.15 views

CVE-2025-4632

Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1052 allows attackers to write arbitrary file as system authority...

9.8CVSS7.1AI score0.23953EPSS
Exploits4References3
The Hacker News
The Hacker News
added 2025/05/14 5:57 p.m.52 views

Samsung Patches CVE-2025-4632 Used to Deploy Mirai Botnet via MagicINFO 9 Exploit

Samsung has released software updates to address a critical security flaw in MagicINFO 9 Server that has been actively exploited in the wild. The vulnerability, tracked as CVE-2025-4632 CVSS score: 9.8, has been described as a path traversal flaw. "Improper limitation of a pathname to a restricte...

9.8CVSS9.5AI score0.91941EPSS
Exploits7
Circl
Circl
added 2025/05/13 6:30 a.m.30 views

CVE-2025-4632

creationtimestamp| type| source ---|---|--- 2025-05-13 06:30:12+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/16080 2025-05-13 06:47:26+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lozvazwfdb2e 2025-05-13 09:41:16+00:00| seen| https://t.me/cvedetector/25168 2025-05-13...

9.8CVSS7.5AI score0.23953EPSS
Exploits4References54
Cvelist
Cvelist
added 2025/05/13 5:19 a.m.41 views

CVE-2025-4632

Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1052 allows attackers to write arbitrary file as system authority...

9.8CVSS0.23953EPSS
Exploits4References1
Vulnrichment
Vulnrichment
added 2025/05/13 5:19 a.m.11 views

CVE-2025-4632

Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1052 allows attackers to write arbitrary file as system authority...

9.8CVSS9.5AI score0.23953EPSS
Exploits4References1
ATTACKERKB
ATTACKERKB
added 2025/05/13 12:0 a.m.10 views

CVE-2025-4632

Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1052 allows attackers to write arbitrary file as system authority. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...

9.8CVSS9.5AI score0.23953EPSS
In wildExploits4References2
Rows per page
Query Builder