Samsung

Magicinfo 9 Server

23 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2026-25202

  • EPSS 0.04%
  • Veröffentlicht 02.02.2026 04:49:53
  • Zuletzt bearbeitet 03.02.2026 16:44:36

The database account and password are hardcoded, allowing login with the account to manipulate the database in MagicInfo9 Server.This issue affects MagicINFO 9 Server: less than 21.1090.1.

8.8

CVE-2026-25201

  • EPSS 0.07%
  • Veröffentlicht 02.02.2026 04:49:38
  • Zuletzt bearbeitet 03.02.2026 16:44:36

An unauthenticated user can upload arbitrary files to execute remote code, leading to privilege escalation in MagicInfo9 Server. This issue affects MagicINFO 9 Server: less than 21.1090.1.

9.8

CVE-2026-25200

  • EPSS 0.07%
  • Veröffentlicht 02.02.2026 04:49:13
  • Zuletzt bearbeitet 03.02.2026 16:44:36

A vulnerability in MagicInfo9 Server allows authorized users to upload HTML files without authentication, leading to Stored XSS, which can result in account takeover This issue affects MagicINFO 9 Server: less than 21.1090.1.

8.8

CVE-2025-54439

  • EPSS 0.06%
  • Veröffentlicht 23.07.2025 05:36:29
  • Zuletzt bearbeitet 30.07.2025 20:21:41

Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.

9.8

CVE-2025-54438

  • EPSS 0.11%
  • Veröffentlicht 23.07.2025 05:36:04
  • Zuletzt bearbeitet 30.07.2025 20:21:50

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Samsung Electronics MagicINFO 9 Server allows Upload a Web Shell to a Web Server.This issue affects MagicINFO 9 Server: less than 21.1080.0

9.8

CVE-2025-54444

  • EPSS 0.06%
  • Veröffentlicht 23.07.2025 05:35:43
  • Zuletzt bearbeitet 30.07.2025 20:20:20

Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.

9.8

CVE-2025-54443

  • EPSS 0.12%
  • Veröffentlicht 23.07.2025 05:34:30
  • Zuletzt bearbeitet 30.07.2025 20:20:33

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Samsung Electronics MagicINFO 9 Server allows Upload a Web Shell to a Web Server.This issue affects MagicINFO 9 Server: less than 21.1080.0

9.8

CVE-2025-54442

  • EPSS 0.06%
  • Veröffentlicht 23.07.2025 05:34:05
  • Zuletzt bearbeitet 30.07.2025 20:20:46

Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.

8.8

CVE-2025-54441

  • EPSS 0.06%
  • Veröffentlicht 23.07.2025 05:33:40
  • Zuletzt bearbeitet 30.07.2025 20:21:05

Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.

9.8

CVE-2025-54440

  • EPSS 0.06%
  • Veröffentlicht 23.07.2025 05:33:16
  • Zuletzt bearbeitet 30.07.2025 20:21:18

Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.