Primary

Context

Samsung MagicINFO 9 Server Path Traversal Vulnerability Allowing Web Shell Upload

Vulnerability

A path traversal vulnerability has been identified in Samsung Electronics MagicINFO 9 Server versions prior to 21.1080.0. This vulnerability allows attackers to upload a web shell to the web server by improperly limiting a pathname to a restricted directory.

Impact

Exploitation of this vulnerability could lead to unauthorized file uploads, allowing for the execution of malicious scripts on the web server.

Remediation

Users can update to the latest version of Samsung MagicINFO 9 Server. Instructions for checking and applying software updates are available on the Samsung website.

Added: Jul 23, 2025, 6:41 AM

Updated: Jul 23, 2025, 6:41 AM

Vulnerability Rating

Custom Algorithm

spread

3.1

impact

7.5

exploitability

7.4

remediation

0.0

relevance

0.3

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

3.1

impact

7.5

exploitability

7.4

remediation

0.0

relevance

0.3

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Samsung MagicINFO 9 Server Path Traversal Vulnerability Allowing Web Shell Upload

Vulnerability

Impact

Remediation

Affected Products

Samsung MagicINFO 9 Server

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating