CVE-2025-4632

Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1052 allows attackers to write arbitrary file as system authority.
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:samsung:magicinfo_9_server:*:*:*:*:*:*:*:*

History

27 May 2025, 21:23

Type Values Removed Values Added
CPE cpe:2.3:a:samsung:magicinfo_9_server:*:*:*:*:*:*:*:*
References () https://security.samsungtv.com/securityUpdates#SVP-MAY-2025 - () https://security.samsungtv.com/securityUpdates#SVP-MAY-2025 - Patch, Vendor Advisory
First Time Samsung
Samsung magicinfo 9 Server

13 May 2025, 19:35

Type Values Removed Values Added
Summary
  • (es) La vulnerabilidad de limitación incorrecta de una ruta de acceso a un directorio restringido en Samsung MagicINFO 9 Server versión anterior a 21.1052 permite a los atacantes escribir archivos arbitrarios como autoridad del sistema.

13 May 2025, 06:15

Type Values Removed Values Added
New CVE

Information

Published : 2025-05-13 06:15

Updated : 2025-05-27 21:23


NVD link : CVE-2025-4632

Mitre link : CVE-2025-4632

CVE.ORG link : CVE-2025-4632


JSON object : View

Products Affected

samsung

  • magicinfo_9_server
CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')