32 matches found
Samsung MagicINFO 9 Server Incorrect Default Permissions Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Samsung MagicINFO 9 Server. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the produ...
CVE-2026-25203
Samsung MagicINFO 9 Server is affected by an Incorrect Default Permissions Local Privilege Escalation vulnerability in versions before 21.1091.1. The issue, with CVSSv3.1 metrics of AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H and a base score of 7.8 (HIGH), indicates that an attacker with local access an...
CVE-2026-25202
The database account and password are hardcoded, allowing login with the account to manipulate the database in MagicInfo9 Server.This issue affects MagicINFO 9 Server: less than 21.1090.1...
CVE-2026-25202
The CVE-2026-25202 issue affects Samsung MagicINFO 9 Server prior to version 21.1090.1. The vulnerability arises from hard-coded database credentials (account and password), permitting login to the database and potential manipulation of data, with impact to confidentiality and integrity (as descr...
SAMSUNG MagicINFO 9 Server 安全漏洞
SAMSUNG MagicINFO 9 Server is an enterprise-level digital signage content management and device monitoring platform developed by South Korean company Samsung. Previous versions of SAMSUNG MagicINFO 9 Server, such as 21.1090.1, contained security vulnerabilities. These vulnerabilities stemmed from...
Samsung MagicINFO Server Path Traversal RCE (CVE-2025-54443)
Binary data samsungmagicinfoservercve-2025-54443.nbin...
EUVD-2025-22422
Malicious code in bioql PyPI...
Samsung MagicINFO Server < 21.1052.0 Path Traversal
The version of Samsung MagicINFO Server installed on the remote Windows host is affected by a vulnerability. Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1052 allows attackers to write arbitrary file as system authority...
SRC-2025-0006 : Samsung MagicINFO 9 Server MagicInfoWebAuthorClient ContentSaveServiceImpl writeXmlToFile File Write Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung MagicINFO 9 Server. Authentication is required to exploit this vulnerability. The specific flaw exists within the ContentSaveServiceImpl class. The issue results from t...
SRC-2025-0003 : Samsung MagicINFO 9 Server downloadChangedFiles Directory Traversal Authentication Bypass Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to bypass authentication on affected installations of Samsung MagicINFO 9 Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the downloadChangedFiles function. The issue results fr...
SAMSUNG MagicINFO 9 Server File Upload Vulnerability (CNVD-2025-20802)
SAMSUNG MagicINFO 9 Server is an enterprise-class digital signage content management and device monitoring platform from Samsung Korea. A file upload vulnerability exists in SAMSUNG MagicINFO 9 Server, which stems from a failure to perform strict checks on uploaded file types. An attacker can...
SAMSUNG MagicINFO 9 Server path traversal vulnerability (CNVD-2025-20801)
SAMSUNG MagicINFO 9 Server is an enterprise-class digital signage content management and device monitoring platform from Samsung Korea. SAMSUNG MagicINFO 9 Server suffers from a path traversal vulnerability that stems from not strictly limiting restricted directory pathnames. An attacker could...
CVE-2025-54449
Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0...
CVE-2025-54444
Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0...
CVE-2025-54446
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Samsung Electronics MagicINFO 9 Server allows Upload a Web Shell to a Web Server.This issue affects MagicINFO 9 Server: less than 21.1080.0...
CVE-2025-54442
Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0...
CVE-2025-54441
Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0...
CVE-2025-54438
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Samsung Electronics MagicINFO 9 Server allows Upload a Web Shell to a Web Server.This issue affects MagicINFO 9 Server: less than 21.1080.0...
CVE-2025-54438
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Samsung Electronics MagicINFO 9 Server allows Upload a Web Shell to a Web Server.This issue affects MagicINFO 9 Server: less than 21.1080.0...
CVE-2025-54442
Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0...