285 matches found
Samsung MagicINFO 9 Server DeviceLogUploadServlet Directory Traversal Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung MagicINFO 9 Server. Authentication is required to exploit this vulnerability. The specific flaw exists within the DeviceLogUploadServlet class. The issue results from the lack of proper...
Samsung MagicINFO 9 Server getFontFileFromMagicInfoServer Unrestricted File Upload Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung MagicINFO 9 Server. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the implementatio...
Samsung MagicINFO 9 Server OpenApiController Unrestricted File Upload Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung MagicINFO 9 Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the OpenApiController class. The issue results from the lack of proper...
Samsung MagicINFO 9 Server PremiumClientService Hard-coded Cryptographic Key Authentication Bypass Vulnerability
This vulnerability allows remote attackers to bypass authentication on affected installations of Samsung MagicINFO 9 Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the PremiumClientService class. The issue results from a hard-coded...
Samsung MagicINFO 9 Server MagicInfoCache Deserialization of Untrusted Data Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung MagicINFO 9 Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the RMI service. The issue results from the lack of proper validation of...
Samsung MagicINFO 9 Server PremiumClientService Hard-coded Cryptographic Key Authentication Bypass Vulnerability
This vulnerability allows remote attackers to bypass authentication on affected installations of Samsung MagicINFO 9 Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the PremiumClientService class. The issue results from a hard-coded...
Samsung MagicINFO 9 Server filenameHasExecutableType Unrestricted File Upload Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung MagicINFO 9 Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the filenameHasExecutableType method. The issue results...
Samsung MagicINFO 9 Server copyResourceToFile Unrestricted File Upload Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung MagicINFO 9 Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the copyResourceToFile method. The issue results from t...
Samsung MagicINFO 9 Server FtpMetaUploadServlet Directory Traversal Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung MagicINFO 9 Server. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...
Samsung MagicINFO 9 Server ResponseUploadActivity Directory Traversal Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung MagicINFO 9 Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ResponseUploadActivity class. The issue results from the lack of proper...
Samsung MagicINFO 9 Server getZipFileListForImport Unrestricted File Upload Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung MagicINFO 9 Server. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the implementatio...
Samsung MagicINFO 9 Server fillLftOrLfdInfo Unrestricted File Upload Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung MagicINFO 9 Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the fillLftOrLfdInfo method. The issue results from the...
Samsung MagicINFO 9 Server MagicInfoWebAuthorClient Unrestricted File Upload Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung MagicINFO 9 Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the MagicInfoWebAuthorClient app. The issue results from the lack of proper...
Samsung MagicINFO 9 Server SWUpdateFileUploadServlet Directory Traversal Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung MagicINFO 9 Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SWUpdateFileUploadServlet class. The issue results from the lack of prope...
Samsung MagicINFO 9 Server ServletAuthenticationProcessingFilter Authentication Bypass Vulnerability
This vulnerability allows remote attackers to partially bypass authentication on affected installations of Samsung MagicINFO 9 Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ServletAuthenticationProcessingFilter class. The issue results...
Samsung MagicINFO 9 Server downloadChangedFiles Directory Traversal Authentication Bypass Vulnerability
This vulnerability allows remote attackers to bypass authentication on affected installations of Samsung MagicINFO 9 Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the downloadChangedFiles function. The issue results from the lack of proper...
CVE-2025-54445
Improper Restriction of XML External Entity Reference vulnerability in Samsung Electronics MagicINFO 9 Server allows Server Side Request Forgery.This issue affects MagicINFO 9 Server: less than 21.1080.0...
CVE-2025-54454
Use of Hard-coded Credentials vulnerability in Samsung Electronics MagicINFO 9 Server allows Authentication Bypass.This issue affects MagicINFO 9 Server: less than 21.1080.0...
CVE-2025-54443
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Samsung Electronics MagicINFO 9 Server allows Upload a Web Shell to a Web Server.This issue affects MagicINFO 9 Server: less than 21.1080.0...
CVE-2025-54450
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0...