Samsung Magicinfo 9 Server
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Samsung Magicinfo 9 Server.
By the Year
In 2026 there have been 3 vulnerabilities in Samsung Magicinfo 9 Server with an average score of 9.5 out of ten. Last year, in 2025 Magicinfo 9 Server had 19 security vulnerabilities published. Right now, Magicinfo 9 Server is on track to have less security vulnerabilities in 2026 than it did last year. Last year, the average CVE base score was greater by 0.33
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 3 | 9.47 |
| 2025 | 19 | 9.80 |
| 2024 | 1 | 7.50 |
It may take a day or so for new Magicinfo 9 Server vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Samsung Magicinfo 9 Server Security Vulnerabilities
MagicINFO 9 Server 21.1090.1: Hardcoded DB Credentials Allow Unauth DB Access
CVE-2026-25202
9.8 - Critical
- February 02, 2026
The database account and password are hardcoded, allowing login with the account to manipulate the database in MagicInfo9 Server.This issue affects MagicINFO 9 Server: less than 21.1090.1.
Use of Hard-coded Credentials
MagicINFO 9 Server <21.1090.1 Unauth Remote File Upload RCE
CVE-2026-25201
8.8 - High
- February 02, 2026
An unauthenticated user can upload arbitrary files to execute remote code, leading to privilege escalation in MagicInfo9 Server. This issue affects MagicINFO 9 Server: less than 21.1090.1.
Unrestricted File Upload
MagicINFO 9 Server <=21.1090.1 Stored XSS via Unauth HTML Upload
CVE-2026-25200
9.8 - Critical
- February 02, 2026
A vulnerability in MagicInfo9 Server allows authorized users to upload HTML files without authentication, leading to Stored XSS, which can result in account takeover This issue affects MagicINFO 9 Server: less than 21.1090.1.
Unrestricted File Upload
Samsung MagicINFO 9 Server Path Traversal <21.1080
CVE-2025-54446
- July 23, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Samsung Electronics MagicINFO 9 Server allows Upload a Web Shell to a Web Server.This issue affects MagicINFO 9 Server: less than 21.1080.0
Samsung MagicINFO 9 Server <21.1080.0 XML External Entity SSRF
CVE-2025-54445
9.8 - Critical
- July 23, 2025
Improper Restriction of XML External Entity Reference vulnerability in Samsung Electronics MagicINFO 9 Server allows Server Side Request Forgery.This issue affects MagicINFO 9 Server: less than 21.1080.0.
Samsung MagicINFO 9 Server <21.1080.0 Path Traversal RCE via Web Shell Upload
CVE-2025-54438
- July 23, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Samsung Electronics MagicINFO 9 Server allows Upload a Web Shell to a Web Server.This issue affects MagicINFO 9 Server: less than 21.1080.0
Samsung MagicINFO 9 Server <21.1080.0 Unrestricted File Upload
CVE-2025-54439
- July 23, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.
Samsung MagicINFO 9 Unrestricted File Upload < 21.1080.0
CVE-2025-54440
- July 23, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.
Samsung MagicINFO 9 Unrestricted Dangerous File Upload (<21.1080.0)
CVE-2025-54441
- July 23, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.
Unrestricted dangerous file upload in Samsung MagicINFO 9 <21.1080.0
CVE-2025-54442
- July 23, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.
Path Traversal in Samsung MagicINFO Server <21.1080.0 Enables Web Shell
CVE-2025-54443
- July 23, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Samsung Electronics MagicINFO 9 Server allows Upload a Web Shell to a Web Server.This issue affects MagicINFO 9 Server: less than 21.1080.0
Samsung MagicINFO 9 Server Unrestricted File Upload <21.1080.0
CVE-2025-54444
- July 23, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.
Samsung MagicINFO 9 Server <21.1080.0 RCE via Unrestricted Dangerous File Upload
CVE-2025-54447
9.8 - Critical
- July 23, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.
Unrestricted Upload RCE in Samsung MagicINFO 9 Server (before 21.1080.0)
CVE-2025-54448
- July 23, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.
Unrestricted File Upload in Samsung MagicINFO 9 Server <=21.1080.0
CVE-2025-54449
- July 23, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.
Path Traversal in Samsung MagicINFO 9 Server <21.1080.0
CVE-2025-54450
9.8 - Critical
- July 23, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.
Samsung MagicINFO 9 Server <21.1080.0 Code Injection RCE
CVE-2025-54451
- July 23, 2025
Improper Control of Generation of Code ('Code Injection') vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.
Samsung MagicINFO 9 Server Improper Auth Before 21.1080.0
CVE-2025-54452
9.8 - Critical
- July 23, 2025
Improper Authentication vulnerability in Samsung Electronics MagicINFO 9 Server allows Authentication Bypass.This issue affects MagicINFO 9 Server: less than 21.1080.0.
Samsung MagicINFO 9 Path Traversal <21.1080.0
CVE-2025-54453
9.8 - Critical
- July 23, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.
Samsung MagicINFO 9 Server <21.1080.0: Hard-coded Credentials Auth Bypass
CVE-2025-54454
9.8 - Critical
- July 23, 2025
Use of Hard-coded Credentials vulnerability in Samsung Electronics MagicINFO 9 Server allows Authentication Bypass.This issue affects MagicINFO 9 Server: less than 21.1080.0.
Auth Bypass via Hard-coded Credentials in Samsung MagicINFO 9 Server <21.1080.0
CVE-2025-54455
9.8 - Critical
- July 23, 2025
Use of Hard-coded Credentials vulnerability in Samsung Electronics MagicINFO 9 Server allows Authentication Bypass.This issue affects MagicINFO 9 Server: less than 21.1080.0.
Samsung MagicINFO 9 Server <21.1052: Arbitrary File Write as System
CVE-2025-4632
9.8 - Critical
- May 13, 2025
Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1052 allows attackers to write arbitrary file as system authority.
Directory traversal
Samsung MagicINFO 9 Server Pathname Escape pre-21.1050 allows syswrite
CVE-2024-7399
7.5 - High
- August 12, 2024
Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1050 allows attackers to write arbitrary file as system authority.
Directory traversal
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Samsung Magicinfo 9 Server or by Samsung? Click the Watch button to subscribe.
