Remote Code Execution Vulnerability in Samsung Security Manager
CVE-2015-3435

Currently unrated

Key Information:

Vendor: Samsung
Status: Samsung Security Manager
Vendor: CVE Published:; 1 May 2015

Summary

An identified security flaw in versions of Samsung Security Manager prior to 1.31 allows remote attackers to execute arbitrary code by uploading files through crafted HTTP PUT or MOVE requests. This vulnerability enables unauthorized users to manipulate files on the affected system, thereby compromising its security and integrity.

References

http://www.zerodayinitiative.com/advisories/ZDI-15-157/

x_refsource_MISC

http://www.securityfocus.com/bid/74400

vdb-entryx_refsource_BID

http://www.zerodayinitiative.com/advisories/ZDI-15-156/

x_refsource_MISC

EPSS Score

7% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
May 1, 2015
Vulnerability Reserved
Apr 27, 2015