CVE-2025-20949

CWE-22 Path Traversal | 3 documents | 3 sources
Severity
9.1 CRITICAL
EPSS
0.6%
top 29.39%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
Published May 7

Description

Path traversal vulnerability in Samsung Members prior to version 5.0.00.11 allows attackers to read and write arbitrary files with the privilege of Samsung Members.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Exploitability: 2.5 | Impact: 2.5

Affected Packages: 1 package

NVD: samsung/members < 5.0.00.11

Vulnerability Details (2)

CVEList
CVE-2025-20949: Path traversal vulnerability in Samsung Members prior to version 5 | 2025-05-07
GHSA
GHSA-whmx-vmqq-mjpv: Path traversal vulnerability in Samsung Members prior to version 5 | 2025-05-07