Samsung Electronics Magicinfo 9 Server vulnerabilities
24 known vulnerabilities affecting samsung_electronics/magicinfo_9_server.
Total CVEs
24
CISA KEV
2
actively exploited
Public exploits
2
Exploited in wild
2
Severity breakdown
CRITICAL20HIGH4
Vulnerabilities
Page 2 of 2
CVE-2026-25202P2CRITICALCVSS 9.8v21.1090.12026-02-02
CVE-2026-25202 [CRITICAL] CWE-798 CVE-2026-25202: The database account and password are hardcoded, allowing login with the account to manipulate the d
The database account and password are hardcoded, allowing login with the account to manipulate the database in MagicInfo9 Server.This issue affects MagicINFO 9 Server: less than 21.1090.1.
nvd
CVE-2025-54451P3CRITICALCVSS 9.8v21.1080.02025-07-23
CVE-2025-54451 [CRITICAL] CWE-94 CVE-2025-54451: Improper Control of Generation of Code ('Code Injection') vulnerability in Samsung Electronics Magic
Improper Control of Generation of Code ('Code Injection') vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.
nvd
CVE-2026-25201P3HIGHCVSS 8.8v21.1090.12026-02-02
CVE-2026-25201 [HIGH] CWE-434 CVE-2026-25201: An unauthenticated user can upload arbitrary files to execute remote code, leading to privilege esca
An unauthenticated user can upload arbitrary files to execute remote code, leading to privilege escalation in MagicInfo9 Server.
This issue affects MagicINFO 9 Server: less than 21.1090.1.
nvd
CVE-2026-25203P3HIGHCVSS 7.8v21.1091.12026-04-10
CVE-2026-25203 [HIGH] CWE-276 CVE-2026-25203: Samsung MagicINFO 9 Server Incorrect Default Permissions Local Privilege Escalation Vulnerability
Samsung MagicINFO 9 Server Incorrect Default Permissions Local Privilege Escalation Vulnerability
This issue affects MagicINFO 9 Server: less than 21.1091.1.
nvd
← Previous2 / 2