HIGH🇬🇧 English

CVE-2025-21079

CVSS 7.1v3.1pub. 2025-11-05upd. 2025-11-07

Improper input validation in Samsung Members prior to version 5.5.01.3 allows remote attackers to connect arbitrary URL and launch arbitrary activity with Samsung Members privilege. User interaction is required for triggering this vulnerability.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H
  • Samsung Members

    APP
    Samsung
    < 5.5.01.3
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2026-20985HIGH7.0ten sam produkt

Improper input validation in Samsung Members prior to version 5.6.00.11 allows remote attackers to connect arb...

CVE-2021-25438HIGH7.8ten sam produkt

Improper access control vulnerability in Samsung Members prior to versions 2.4.85.11 in Android O(8.1) and bel...

CVE-2021-25374HIGH8.6ten sam produkt

An improper authorization vulnerability in Samsung Members "samsungrewards" scheme for deeplink in versions 2....

CVE-2026-21037MEDIUM6.9ten sam produkt

Improper input validation in Samsung Members prior to version 5.8.01.5 allows local attackers to access arbitr...

CVE-2026-20986MEDIUM5.1ten sam produkt

Path traversal in Samsung Members prior to Chinese version 15.5.05.4 allows local attackers to overwrite data ...