Lucene search
+L

285 matches found

Zero Day Initiative
Zero Day Initiative
added 2025/07/28 12:0 a.m.5 views

Samsung MagicINFO 9 Server DeviceLogUploadServlet Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung MagicINFO 9 Server. Authentication is required to exploit this vulnerability. The specific flaw exists within the DeviceLogUploadServlet class. The issue results from the lack of proper...

7.2CVSS6.9AI score0.00589EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/07/28 12:0 a.m.5 views

Samsung MagicINFO 9 Server getFontFileFromMagicInfoServer Unrestricted File Upload Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung MagicINFO 9 Server. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the implementatio...

8.8CVSS7.1AI score0.07388EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/07/28 12:0 a.m.8 views

Samsung MagicINFO 9 Server OpenApiController Unrestricted File Upload Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung MagicINFO 9 Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the OpenApiController class. The issue results from the lack of proper...

8.1CVSS7AI score0.00464EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/07/28 12:0 a.m.4 views

Samsung MagicINFO 9 Server PremiumClientService Hard-coded Cryptographic Key Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Samsung MagicINFO 9 Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the PremiumClientService class. The issue results from a hard-coded...

9.1CVSS6.3AI score0.00543EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/07/28 12:0 a.m.4 views

Samsung MagicINFO 9 Server MagicInfoCache Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung MagicINFO 9 Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the RMI service. The issue results from the lack of proper validation of...

9.8CVSS6.9AI score0.00645EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/07/28 12:0 a.m.6 views

Samsung MagicINFO 9 Server PremiumClientService Hard-coded Cryptographic Key Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Samsung MagicINFO 9 Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the PremiumClientService class. The issue results from a hard-coded...

9.1CVSS6.3AI score0.00554EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/07/28 12:0 a.m.5 views

Samsung MagicINFO 9 Server filenameHasExecutableType Unrestricted File Upload Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung MagicINFO 9 Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the filenameHasExecutableType method. The issue results...

9.8CVSS7AI score0.00597EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/07/28 12:0 a.m.3 views

Samsung MagicINFO 9 Server copyResourceToFile Unrestricted File Upload Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung MagicINFO 9 Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the copyResourceToFile method. The issue results from t...

9.8CVSS7AI score0.00597EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/07/28 12:0 a.m.5 views

Samsung MagicINFO 9 Server FtpMetaUploadServlet Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung MagicINFO 9 Server. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

8.8CVSS7AI score0.00638EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/07/28 12:0 a.m.3 views

Samsung MagicINFO 9 Server ResponseUploadActivity Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung MagicINFO 9 Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ResponseUploadActivity class. The issue results from the lack of proper...

9.8CVSS6.8AI score0.00611EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/07/28 12:0 a.m.8 views

Samsung MagicINFO 9 Server getZipFileListForImport Unrestricted File Upload Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung MagicINFO 9 Server. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the implementatio...

8.8CVSS7.1AI score0.06862EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/07/28 12:0 a.m.5 views

Samsung MagicINFO 9 Server fillLftOrLfdInfo Unrestricted File Upload Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung MagicINFO 9 Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the fillLftOrLfdInfo method. The issue results from the...

9.8CVSS7AI score0.0061EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/07/28 12:0 a.m.4 views

Samsung MagicINFO 9 Server MagicInfoWebAuthorClient Unrestricted File Upload Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung MagicINFO 9 Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the MagicInfoWebAuthorClient app. The issue results from the lack of proper...

9.8CVSS7AI score0.00501EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/07/28 12:0 a.m.4 views

Samsung MagicINFO 9 Server SWUpdateFileUploadServlet Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung MagicINFO 9 Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SWUpdateFileUploadServlet class. The issue results from the lack of prope...

9.8CVSS6.8AI score0.00575EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/07/28 12:0 a.m.6 views

Samsung MagicINFO 9 Server ServletAuthenticationProcessingFilter Authentication Bypass Vulnerability

This vulnerability allows remote attackers to partially bypass authentication on affected installations of Samsung MagicINFO 9 Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ServletAuthenticationProcessingFilter class. The issue results...

7.3CVSS6.4AI score0.00389EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/07/28 12:0 a.m.5 views

Samsung MagicINFO 9 Server downloadChangedFiles Directory Traversal Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Samsung MagicINFO 9 Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the downloadChangedFiles function. The issue results from the lack of proper...

9.8CVSS6.3AI score0.00611EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/07/25 6:27 a.m.12 views

CVE-2025-54445

Improper Restriction of XML External Entity Reference vulnerability in Samsung Electronics MagicINFO 9 Server allows Server Side Request Forgery.This issue affects MagicINFO 9 Server: less than 21.1080.0...

9.8CVSS6.5AI score0.09221EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/07/25 6:27 a.m.17 views

CVE-2025-54454

Use of Hard-coded Credentials vulnerability in Samsung Electronics MagicINFO 9 Server allows Authentication Bypass.This issue affects MagicINFO 9 Server: less than 21.1080.0...

9.8CVSS6.6AI score0.00543EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/07/25 6:27 a.m.23 views

CVE-2025-54443

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Samsung Electronics MagicINFO 9 Server allows Upload a Web Shell to a Web Server.This issue affects MagicINFO 9 Server: less than 21.1080.0...

9.8CVSS6.4AI score0.00575EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/07/25 6:27 a.m.18 views

CVE-2025-54450

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0...

9.8CVSS6.6AI score0.00589EPSS
Exploits0References1
Rows per page
Query Builder