Lucene search
K

10 matches found

Source Incite
Source Incite
added 2025/08/13 12:0 a.m.148 views

SRC-2025-0001 : Samsung MagicINFO 9 Server ResponseBootstrappingActivity Exposed Dangerous Method Remote Code Execution Vulnerability

Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung MagicINFO. Authentication is required and SaaS environment needs to be configured. The specific flaw exists within ability to dynamically create FTP accounts. An attack...

6.7AI score
Exploits0
OSV
OSV
added 2025/07/23 6:15 a.m.2 views

CVE-2025-54449

Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0...

9.8CVSS5.8AI score0.0061EPSS
Exploits0References1
OSV
OSV
added 2025/07/23 6:15 a.m.3 views

CVE-2025-54446

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Samsung Electronics MagicINFO 9 Server allows Upload a Web Shell to a Web Server.This issue affects MagicINFO 9 Server: less than 21.1080.0...

9.8CVSS5.8AI score0.00616EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2025/07/23 5:35 a.m.3 views

CVE-2025-54444

Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0...

9.8CVSS5.8AI score0.00597EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/07/23 5:34 a.m.3 views

CVE-2025-54442

Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0...

9.8CVSS6.6AI score0.00473EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2025/07/23 5:32 a.m.2 views

CVE-2025-54447

Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0...

9.8CVSS5.8AI score0.00464EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2025/07/23 5:29 a.m.2 views

CVE-2025-54451

Improper Control of Generation of Code 'Code Injection' vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0...

9.8CVSS5.8AI score0.00645EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2025/07/23 5:27 a.m.2 views

CVE-2025-54449

Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0...

9.8CVSS5.8AI score0.0061EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2025/07/23 5:27 a.m.2 views

CVE-2025-54455

Use of Hard-coded Credentials vulnerability in Samsung Electronics MagicINFO 9 Server allows Authentication Bypass.This issue affects MagicINFO 9 Server: less than 21.1080.0...

9.8CVSS5.8AI score0.00554EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2025/07/23 12:0 a.m.3 views

PT-2025-30541 · Samsung · Magicinfo 9 Server

Name of the Vulnerable Software and Affected Versions: MagicINFO 9 Server versions prior to 21.1080.0 Description: A path traversal vulnerability exists in Samsung Electronics MagicINFO 9 Server, potentially leading to code injection. This issue is due to improper limitation of a pathname to a...

9.8CVSS6.7AI score0.00638EPSS
Exploits0References7
Rows per page
Query Builder