CVE-2025-53080

CWE-22Path Traversal3 documents3 sources
Severity
6.5MEDIUM
EPSS
0.1%
top 75.77%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Samsung Electronics Data Management ServerSamsung Data Management Server Firmware
Timeline
PublishedJul 29

Description

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Samsung DMS(Data Management Server) allows authenticated attackers to create arbitrary files in unintended locations on the filesystem

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:HExploitability: 1.6 | Impact: 5.5

Affected Packages2 packages

CVEListV5samsung_electronics/data_management_server2.0.02.3.13.1+2
NVDsamsung/data_management2.0.02.3.13.1+2

🔴Vulnerability Details

2
CVEList
CVE-2025-53080: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Samsung DMS(Data Management Server) allows authenticated attackers t2025-07-29
GHSA
GHSA-r2jv-9p2f-wjmj: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Samsung DMS(Data Management Server) allows authenticated attackers t2025-07-29
CVE-2025-53080 (MEDIUM CVSS 6.5) | Improper Limitation of a Pathname t | cvebase.io