VYPR

MagicINFO Server

by Samsung Electronics

CVEs (7)

  • CVE-2025-54448CriJul 23, 2025
    risk 0.64cvss 9.8epss 0.01

    Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.

  • CVE-2025-54444CriJul 23, 2025
    risk 0.64cvss 9.8epss 0.01

    Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.

  • CVE-2025-54443CriJul 23, 2025
    risk 0.64cvss 9.8epss 0.01

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Samsung Electronics MagicINFO 9 Server allows Upload a Web Shell to a Web Server.This issue affects MagicINFO 9 Server: less than 21.1080.0

  • CVE-2025-54455CriJul 23, 2025
    risk 0.59cvss 9.1epss 0.01

    Use of Hard-coded Credentials vulnerability in Samsung Electronics MagicINFO 9 Server allows Authentication Bypass.This issue affects MagicINFO 9 Server: less than 21.1080.0.

  • CVE-2025-54454CriJul 23, 2025
    risk 0.59cvss 9.1epss 0.01

    Use of Hard-coded Credentials vulnerability in Samsung Electronics MagicINFO 9 Server allows Authentication Bypass.This issue affects MagicINFO 9 Server: less than 21.1080.0.

  • CVE-2025-54445HigJul 23, 2025
    risk 0.54cvss 8.2epss 0.09

    Improper Restriction of XML External Entity Reference vulnerability in Samsung Electronics MagicINFO 9 Server allows Server Side Request Forgery.This issue affects MagicINFO 9 Server: less than 21.1080.0.

  • CVE-2025-54447HigJul 23, 2025
    risk 0.53cvss 8.1epss 0.00

    Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.