VYPR

Magicinfo 9 Server

by Samsung Mobile

CVEs (24)

  • CVE-2024-7399HigKEVAug 12, 2024
    risk 0.78cvss 8.8epss 0.92

    Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1050 allows attackers to write arbitrary file as system authority.

  • CVE-2026-25203HigApr 10, 2026
    risk 0.51cvss 7.8epss 0.00

    Samsung MagicINFO 9 Server Incorrect Default Permissions Local Privilege Escalation Vulnerability This issue affects MagicINFO 9 Server: less than 21.1091.1.

  • CVE-2025-4632KEVMay 13, 2025
    risk 0.15cvss epss 0.24

    Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1052 allows attackers to write arbitrary file as system authority.

  • CVE-2026-25202Feb 2, 2026
    risk 0.00cvss epss 0.00

    The database account and password are hardcoded, allowing login with the account to manipulate the database in MagicInfo9 Server.This issue affects MagicINFO 9 Server: less than 21.1090.1.

  • CVE-2026-25201Feb 2, 2026
    risk 0.00cvss epss 0.00

    An unauthenticated user can upload arbitrary files to execute remote code, leading to privilege escalation in MagicInfo9 Server. This issue affects MagicINFO 9 Server: less than 21.1090.1.

  • CVE-2026-25200Feb 2, 2026
    risk 0.00cvss epss 0.00

    A vulnerability in MagicInfo9 Server allows authorized users to upload HTML files without authentication, leading to Stored XSS, which can result in account takeover This issue affects MagicINFO 9 Server: less than 21.1090.1.

  • CVE-2025-54439Jul 23, 2025
    risk 0.00cvss epss 0.07

    Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.

  • CVE-2025-54438Jul 23, 2025
    risk 0.00cvss epss 0.01

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Samsung Electronics MagicINFO 9 Server allows Upload a Web Shell to a Web Server.This issue affects MagicINFO 9 Server: less than 21.1080.0

  • CVE-2025-54444Jul 23, 2025
    risk 0.00cvss epss 0.01

    Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.

  • CVE-2025-54443Jul 23, 2025
    risk 0.00cvss epss 0.01

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Samsung Electronics MagicINFO 9 Server allows Upload a Web Shell to a Web Server.This issue affects MagicINFO 9 Server: less than 21.1080.0

  • CVE-2025-54442Jul 23, 2025
    risk 0.00cvss epss 0.00

    Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.

  • CVE-2025-54441Jul 23, 2025
    risk 0.00cvss epss 0.07

    Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.

  • CVE-2025-54440Jul 23, 2025
    risk 0.00cvss epss 0.01

    Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.

  • CVE-2025-54447Jul 23, 2025
    risk 0.00cvss epss 0.00

    Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.

  • CVE-2025-54446Jul 23, 2025
    risk 0.00cvss epss 0.01

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Samsung Electronics MagicINFO 9 Server allows Upload a Web Shell to a Web Server.This issue affects MagicINFO 9 Server: less than 21.1080.0

  • CVE-2025-54445Jul 23, 2025
    risk 0.00cvss epss 0.09

    Improper Restriction of XML External Entity Reference vulnerability in Samsung Electronics MagicINFO 9 Server allows Server Side Request Forgery.This issue affects MagicINFO 9 Server: less than 21.1080.0.

  • CVE-2025-54448Jul 23, 2025
    risk 0.00cvss epss 0.01

    Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.

  • CVE-2025-54453Jul 23, 2025
    risk 0.00cvss epss 0.01

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.

  • CVE-2025-54452Jul 23, 2025
    risk 0.00cvss epss 0.00

    Improper Authentication vulnerability in Samsung Electronics MagicINFO 9 Server allows Authentication Bypass.This issue affects MagicINFO 9 Server: less than 21.1080.0.

  • CVE-2025-54451Jul 23, 2025
    risk 0.00cvss epss 0.01

    Improper Control of Generation of Code ('Code Injection') vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.

Page 1 of 2