3850 matches found
CVE-2025-54447
Samsung MagicINFO 9 Server is affected by an Unrestricted Upload of File with Dangerous Type vulnerability (CVE-2025-54447). The issue, present in MagicINFO 9 Server versions prior to 21.1080.0, allows code injection through uploading dangerous file types. ZDI details remote code execution via th...
CVE-2025-54447
Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0...
CVE-2025-54446
Samsung MagicINFO 9 Server is affected by a path traversal vulnerability that allows uploading a web shell. The issue stems from improper validation in the ResponseUploadActivity/upload handling, enabling remote code execution in the context of SYSTEM. Affected products: MagicINFO 9 Server versio...
CVE-2025-54446
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Samsung Electronics MagicINFO 9 Server allows Upload a Web Shell to a Web Server.This issue affects MagicINFO 9 Server: less than 21.1080.0...
CVE-2025-54446
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Samsung Electronics MagicINFO 9 Server allows Upload a Web Shell to a Web Server.This issue affects MagicINFO 9 Server: less than 21.1080.0...
CVE-2025-54445
Improper Restriction of XML External Entity Reference vulnerability in Samsung Electronics MagicINFO 9 Server allows Server Side Request Forgery.This issue affects MagicINFO 9 Server: less than 21.1080.0...
CVE-2025-54445
Improper Restriction of XML External Entity Reference vulnerability in Samsung Electronics MagicINFO 9 Server allows Server Side Request Forgery.This issue affects MagicINFO 9 Server: less than 21.1080.0...
CVE-2025-54448
CVE-2025-54448 affects Samsung Electronics MagicINFO 9 Server. The vulnerability is an unrestricted upload of files with dangerous types in MagicINFO 9 Server, enabling code injection. Technical details across sources indicate affected software is MagicINFO 9 Server, with versions prior to 21.108...
CVE-2025-54448
Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0...
CVE-2025-54452
Improper Authentication vulnerability in Samsung Electronics MagicINFO 9 Server allows Authentication Bypass.This issue affects MagicINFO 9 Server: less than 21.1080.0...
CVE-2025-54452
Samsung MagicINFO 9 Server is affected by an improper authentication vulnerability that allows authentication bypass, specifically in the ServletAuthenticationProcessingFilter component. Affected versions are MagicINFO 9 Server prior to 21.1080.0. The issue has been discussed in multiple sources ...
CVE-2025-54451
Improper Control of Generation of Code 'Code Injection' vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0...
CVE-2025-54451
Samsung MagicINFO 9 Server is affected by CVE-2025-54451 due to improper control of code generation, with public sources indicating a code injection/remote code execution risk through deserialization in the RMI service. Affected versions are MagicINFO 9 Server older than 21.1080.0. Public advisor...
CVE-2025-54449
Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0...
CVE-2025-54449
Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0...
CVE-2025-54455
Use of Hard-coded Credentials vulnerability in Samsung Electronics MagicINFO 9 Server allows Authentication Bypass.This issue affects MagicINFO 9 Server: less than 21.1080.0...
CVE-2025-54454
Samsung MagicINFO 9 Server is affected by a hard-coded credentials vulnerability that enables authentication bypass. Affected versions are prior to 21.1080.0; exploitation can lead to unauthorized access with high impact on confidentiality, integrity, and availability as indicated by CVSS vectors...
CVE-2025-54454
Use of Hard-coded Credentials vulnerability in Samsung Electronics MagicINFO 9 Server allows Authentication Bypass.This issue affects MagicINFO 9 Server: less than 21.1080.0...
PT-2025-30536 · Samsung · Magicinfo 9 Server
Name of the Vulnerable Software and Affected Versions: MagicINFO 9 Server versions prior to 21.1080.0 Description: A flaw exists in Samsung Electronics MagicINFO 9 Server that allows code injection through the unrestricted upload of files with dangerous types. Recommendations: Update MagicINFO 9...
PT-2025-30534 · Samsung · Magicinfo 9 Server
Name of the Vulnerable Software and Affected Versions: MagicINFO 9 Server versions prior to 21.1080.0 Description: A path traversal vulnerability exists in Samsung Electronics MagicINFO 9 Server. This issue allows for the upload of a web shell to a web server. Recommendations: Update MagicINFO 9...