cbcvebase.

Samsung Electronics Magicinfo 9 Server vulnerabilities

24 known vulnerabilities affecting samsung_electronics/magicinfo_9_server.

Total CVEs
24
CISA KEV
2
actively exploited
Public exploits
2
Exploited in wild
2
Severity breakdown
CRITICAL20HIGH4

Vulnerabilities

Page 2 of 2
CVE-2026-25202P2CRITICALCVSS 9.8v21.1090.12026-02-02
CVE-2026-25202 [CRITICAL] CWE-798 CVE-2026-25202: The database account and password are hardcoded, allowing login with the account to manipulate the d The database account and password are hardcoded, allowing login with the account to manipulate the database in MagicInfo9 Server.This issue affects MagicINFO 9 Server: less than 21.1090.1.
nvd
CVE-2025-54451P3CRITICALCVSS 9.8v21.1080.02025-07-23
CVE-2025-54451 [CRITICAL] CWE-94 CVE-2025-54451: Improper Control of Generation of Code ('Code Injection') vulnerability in Samsung Electronics Magic Improper Control of Generation of Code ('Code Injection') vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.
nvd
CVE-2026-25201P3HIGHCVSS 8.8v21.1090.12026-02-02
CVE-2026-25201 [HIGH] CWE-434 CVE-2026-25201: An unauthenticated user can upload arbitrary files to execute remote code, leading to privilege esca An unauthenticated user can upload arbitrary files to execute remote code, leading to privilege escalation in MagicInfo9 Server. This issue affects MagicINFO 9 Server: less than 21.1090.1.
nvd
CVE-2026-25203P3HIGHCVSS 7.8v21.1091.12026-04-10
CVE-2026-25203 [HIGH] CWE-276 CVE-2026-25203: Samsung MagicINFO 9 Server Incorrect Default Permissions Local Privilege Escalation Vulnerability Samsung MagicINFO 9 Server Incorrect Default Permissions Local Privilege Escalation Vulnerability This issue affects MagicINFO 9 Server: less than 21.1091.1.
nvd
Samsung Electronics Magicinfo 9 Server vulnerabilities | cvebase