Path Traversal Vulnerability in Samsung Electronics MagicINFO 9 Server
CVE-2025-54443

9.8CRITICAL

Key Information:

Vendor

Samsung Electronics

Status
Magicinfo 9 Server
Vendor
CVE Published:
23 July 2025

What is CVE-2025-54443?

A path traversal vulnerability in Samsung Electronics MagicINFO 9 Server permits unauthorized users to upload a web shell to the web server. This issue specifically impacts versions prior to 21.1080.0, potentially compromising server security by allowing attackers to access restricted directories and execute arbitrary code.

Affected Version(s)

MagicINFO 9 Server 21.1080.0

References

https://security.samsungtv.com/securityUpdates

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2025-54443 : Path Traversal Vulnerability in Samsung Electronics MagicINFO 9 Server