8.8

CVSS3.1

CVE-2025-54441 -

Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.

📅 Published: July 23, 2025, 5:33 a.m. 🔄 Last Modified: Feb. 26, 2026, 5:50 p.m.

9.8

CVSS3.1

CVE-2025-54440 -

Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.

📅 Published: July 23, 2025, 5:33 a.m. 🔄 Last Modified: Feb. 26, 2026, 5:50 p.m.

8.1

CVSS3.1

CVE-2025-54447 -

Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.

📅 Published: July 23, 2025, 5:32 a.m. 🔄 Last Modified: Feb. 26, 2026, 5:50 p.m.

9.8

CVSS3.1

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Samsung Electronics MagicINFO 9 Server allows Upload a Web Shell to a Web Server.This issue affects MagicINFO 9 Server: less than 21.1080.0

📅 Published: July 23, 2025, 5:32 a.m. 🔄 Last Modified: Feb. 26, 2026, 5:50 p.m.

8.2

CVSS3.1

CVE-2025-54445 -

Improper Restriction of XML External Entity Reference vulnerability in Samsung Electronics MagicINFO 9 Server allows Server Side Request Forgery.This issue affects MagicINFO 9 Server: less than 21.1080.0.

📅 Published: July 23, 2025, 5:31 a.m. 🔄 Last Modified: Aug. 15, 2025, 2:28 p.m.

9.8

CVSS3.1

CVE-2025-54448 -

Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.

📅 Published: July 23, 2025, 5:31 a.m. 🔄 Last Modified: Feb. 26, 2026, 5:50 p.m.

8.8

CVSS3.1

CVE-2025-54453 -

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.

📅 Published: July 23, 2025, 5:30 a.m. 🔄 Last Modified: Feb. 26, 2026, 5:50 p.m.

7.3

CVSS3.1

CVE-2025-54452 -

Improper Authentication vulnerability in Samsung Electronics MagicINFO 9 Server allows Authentication Bypass.This issue affects MagicINFO 9 Server: less than 21.1080.0.

📅 Published: July 23, 2025, 5:29 a.m. 🔄 Last Modified: July 28, 2025, 2:27 p.m.

9.8

CVSS3.1

CVE-2025-54451 -

Improper Control of Generation of Code ('Code Injection') vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.

📅 Published: July 23, 2025, 5:29 a.m. 🔄 Last Modified: Feb. 26, 2026, 5:50 p.m.

7.2

CVSS3.1

CVE-2025-54450 -

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.

📅 Published: July 23, 2025, 5:28 a.m. 🔄 Last Modified: Feb. 26, 2026, 5:50 p.m.

CVE Authored by @ncilengir

8.8

CVE-2025-54441 -

9.8

CVE-2025-54440 -

8.1

CVE-2025-54447 -

9.8

CVE-2025-54446 -

8.2

CVE-2025-54445 -

9.8

CVE-2025-54448 -

8.8

CVE-2025-54453 -

7.3

CVE-2025-54452 -

9.8

CVE-2025-54451 -

7.2

CVE-2025-54450 -