cbcvebase.
CVE-2025-53080
published 2025-07-29

CVE-2025-53080: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Samsung DMS(Data Management Server) allows authenticated attackers to create…

PriorityP342medium6.5CVSS 3.1
AVNACLPRLUINSUCNIHAN
EPSS
0.33%
24.7th percentile
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Samsung DMS(Data Management Server) allows authenticated attackers to create arbitrary files in unintended locations on the filesystem

Affected

6 ranges
VendorProductVersion rangeFixed in
samsungdata_management_server_firmware>= 2.0.0 < 2.3.13.12.3.13.1
samsungdata_management_server_firmware>= 2.5.0.17 < 2.6.14.12.6.14.1
samsungdata_management_server_firmware>= 2.7.0.15 < 2.9.3.62.9.3.6
samsung_electronicsdata_management_server>= 2.0.0 < 2.3.13.12.3.13.1
samsung_electronicsdata_management_server>= 2.5.0.17 < 2.6.14.12.6.14.1
samsung_electronicsdata_management_server>= 2.7.0.15 < 2.9.3.62.9.3.6
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.