File Upload Vulnerability in Samsung MagicINFO 9 Server
CVE-2025-54439

8.8HIGH

Key Information:

Vendor: Samsung Electronics
Status: Magicinfo 9 Server
Vendor: CVE Published:; 23 July 2025

🔔 Create Samsung Electronics Vulnerability Alert

What is CVE-2025-54439?

The MagicINFO 9 Server by Samsung Electronics is susceptible to an unrestricted file upload vulnerability, allowing attackers to upload files of dangerous types. This vulnerability can potentially lead to code injection, enabling unauthorized execution of commands in the system. The issue affects versions prior to 21.1080.0, making it crucial for users to update their servers to mitigate the risks associated with this security flaw.

Affected Version(s)

MagicINFO 9 Server 21.1080.0

References

https://security.samsungtv.com/securityUpdates

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 23, 2025
Vulnerability Reserved
Jul 22, 2025