Primary

Context

Samsung MagicINFO 9 Server Path Traversal Vulnerability Allowing Code Injection

Vulnerability

A path traversal vulnerability has been identified in Samsung Electronics MagicINFO 9 Server versions prior to 21.1080.0. This vulnerability allows for improper limitation of pathnames, enabling code injection by exploiting the server's file handling processes.

Impact

Exploitation of this vulnerability could lead to unauthorized code execution on the server.

Remediation

Users can check for the latest firmware updates through the Samsung Smart TV update settings. For MagicINFO 9 Server, the latest security vulnerability patch is available as part of the SVP-MAY-2025 update.

Added: Jul 23, 2025, 6:33 AM

Updated: Jul 23, 2025, 6:33 AM

Vulnerability Rating

Custom Algorithm

spread

3.1

impact

7.5

exploitability

4.8

remediation

0.0

relevance

0.3

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

3.1

impact

7.5

exploitability

4.8

remediation

0.0

relevance

0.3

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Samsung MagicINFO 9 Server Path Traversal Vulnerability Allowing Code Injection

Vulnerability

Impact

Remediation

Affected Products

Samsung MagicINFO 9 Server

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating