Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1052 allows attackers to write arbitrary file as system authority.
Samsung MagicINFO 9 Server does not properly enforce restrictions on file paths provided by users, which enables directory traversal (path traversal). An attacker, without any authentication, can send a crafted network request pointing to any location in the server's file system. As a result, it is possible to write arbitrary content at any location in the file system with system account privileges (SYSTEM authority).
An attacker can write arbitrary files with system privileges, which in practice enables remote takeover of full server control — for example through uploading a webshell, overwriting configuration or binary files. It is possible to obtain full access to system resources, violate data confidentiality and integrity, and achieve persistent server takeover.
Samsung MagicINFO 9 Server must be immediately updated to version 21.1052 or newer in accordance with vendor information available at: https://security.samsungtv.com/securityUpdates#SVP-MAY-2025. Until the patch is deployed, it is recommended to restrict network access to the MagicINFO server only to trusted hosts and monitor logs for suspicious requests containing path traversal sequences.
Samsung MagicINFO 9 Server in versions prior to 21.1052
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HSamsung Magicinfo 9 Server
APPSamsung< 21.1052.0
CISA KEV — detailsi
- Vendori
- Samsung
- Producti
- MagicINFO 9 Server
- Added to KEVi
- May 22, 2025
- Remediation deadline (US Federal)i
- June 12, 2025(overdue)
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Samsung MagicINFO 9 Server contains a path traversal vulnerability that allows an attacker to write arbitrary file as system authority.
Related vulnerabilities
Zakodowane na stałe dane logowania do bazy danych w Samsung MagicINFO 9 Server
Samsung MagicINFO 9 Server — Stored XSS przez upload plików HTML
Path Traversal w Samsung MagicINFO 9 Server umożliwia upload Web Shell
Path Traversal w Samsung MagicINFO 9 Server umożliwia wgranie web shell
Samsung MagicINFO 9 Server — nieograniczony upload pliku umożliwia Code Injection