Path traversal in Samsung Members prior to Chinese version 15.5.05.4 allows local attackers to overwrite data within Samsung Members.
oryginał ENCVSS Vector
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XSamsung Members
APPSamsung< 15.5.05.4
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
Path Traversal
CWE
Powiązane podatności
CVE-2026-20985HIGH7.0ten sam produkt
Improper input validation in Samsung Members prior to version 5.6.00.11 allows remote attackers to connect arb...
CVE-2025-21079HIGH7.1ten sam produkt
Improper input validation in Samsung Members prior to version 5.5.01.3 allows remote attackers to connect arbi...
CVE-2021-25438HIGH7.8ten sam produkt
Improper access control vulnerability in Samsung Members prior to versions 2.4.85.11 in Android O(8.1) and bel...
CVE-2021-25374HIGH8.6ten sam produkt
An improper authorization vulnerability in Samsung Members "samsungrewards" scheme for deeplink in versions 2....
CVE-2026-21037MEDIUM6.9ten sam produkt
Improper input validation in Samsung Members prior to version 5.8.01.5 allows local attackers to access arbitr...