CVE-2025-53081

CWE-22Path TraversalCWE-1914 documents4 sources
Severity
9.1CRITICAL
EPSS
0.1%
top 67.24%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Samsung Electronics Data Management ServerSamsung Data Management Server Firmware
Timeline
PublishedJul 29

Description

An 'Arbitrary File Creation' in Samsung DMS(Data Management Server) allows attackers to create arbitrary files in unintended locations on the filesystem. Exploitation is restricted to specific, authorized private IP addresses.

CVSS vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:HExploitability: 0.9 | Impact: 5.5

Affected Packages2 packages

CVEListV5samsung_electronics/data_management_server2.0.02.3.13.1+2
NVDsamsung/data_management2.0.02.3.13.1+2

🔴Vulnerability Details

2
CVEList
CVE-2025-53081: An 'Arbitrary File Creation' in Samsung DMS(Data Management Server) allows attackers to create arbitrary files in unintended locations on the filesyst2025-07-29
GHSA
GHSA-c5hf-rjx4-9jfx: An 'Arbitrary File Creation' in Samsung DMS(Data Management Server) allows attackers to create arbitrary files in unintended locations on the filesyst2025-07-29

📋Vendor Advisories

1
Microsoft
media: ar0521: don't overflow when checking PLL values2024-11-12
CVE-2025-53081 (CRITICAL CVSS 9.1) | An 'Arbitrary File Creation' in Sam | cvebase.io