Primary

Context

Samsung DMS Arbitrary File Creation Vulnerability

Vulnerability

A vulnerability allowing arbitrary file creation has been identified in Samsung Data Management Server (DMS) versions 2.9.3.5 to 2.7.0.15, 2.6.14.0 to 2.5.0.17, and 2.3.13.0 to 2.0.0. This vulnerability allows attackers to create files in unintended locations on the filesystem. Exploitation is limited to specific authorized private IP addresses.

Impact

Exploitation of this vulnerability allows for arbitrary file creation, which could be used to manipulate or disrupt the normal functioning of the system by placing files in critical areas of the filesystem.

Remediation

The official patch for this vulnerability has been released and can be applied to affected DMS versions.

Added: Jul 29, 2025, 6:56 AM

Updated: Jul 29, 2025, 6:56 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.4

remediation

0.0

relevance

0.3

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.4

remediation

0.0

relevance

0.3

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Samsung DMS Arbitrary File Creation Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating