Primary

Context

Samsung MagicINFO 9 Server Remote Code Execution Vulnerability Allowing Privilege Escalation

Vulnerability

A vulnerability exists in Samsung MagicINFO 9 Server versions prior to 21.1090.1, allowing unauthenticated users to upload arbitrary files. This capability can be exploited to execute remote code, leading to unauthorized privilege escalation on the server.

Impact

Exploitation of this vulnerability allows for remote code execution on the server, with potential for privilege escalation.

Remediation

Users can update to the patched version of MagicINFO 9 Server. Instructions for checking and applying software updates are available on the Samsung website.

Added: Feb 2, 2026, 5:18 AM

Updated: Feb 2, 2026, 5:18 AM

Vulnerability Rating

Custom Algorithm

spread

3.1

impact

2.5

exploitability

7.4

remediation

0.0

relevance

2.7

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

3.1

impact

2.5

exploitability

7.4

remediation

0.0

relevance

2.7

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Samsung MagicINFO 9 Server Remote Code Execution Vulnerability Allowing Privilege Escalation

Vulnerability

Impact

Remediation

Affected Products

Samsung MagicInfo9 Server

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating