HIGH✓ PATCH🇵🇱 Wersja polska

CVE-2025-53080

CVSS 7.1v3.1pub. 2025-07-29upd. 2025-08-11

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Samsung DMS(Data Management Server) allows authenticated attackers to create arbitrary files in unintended locations on the filesystem

CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H
  • Samsung Data Management Server

    HW
    Samsung
    wszystkie wersje
  • Samsung Data Management Server Firmware

    OS
    Samsung
    2.0.0 – 2.3.13.1 (bez)2.5.0.17 – 2.6.14.1 (bez)2.7.0.15 – 2.9.3.6 (bez)
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
Path Traversal
CWE
References

Related vulnerabilities

CVE-2025-53078HIGH8.0ten sam produkt

Deserialization of Untrusted Data in Samsung DMS(Data Management Server) allows attackers to execute arbitrary...

CVE-2010-4284HIGH7.5ten sam produkt

SQL injection vulnerability in the authentication form in the integrated web server in the Data Management Ser...

CVE-2025-53077MEDIUM6.5ten sam produkt

An execution after redirect in Samsung DMS(Data Management Server) allows attackers to execute limited functio...

CVE-2025-53079MEDIUM4.9ten sam produkt

Absolute Path Traversal in Samsung DMS(Data Management Server) allows authenticated attacker (Administrator) t...

CVE-2025-53081MEDIUM6.4ten sam produkt

An 'Arbitrary File Creation' in Samsung DMS(Data Management Server) allows attackers to create arbitrary files...