CVE-2024-7399: Samsung MagicINFO 9 Server Path Traversal Vulnerability

Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1050 allows attackers to write arbitrary file as system authority.
CVE-2024-7399CVSS 8.8CISA KEVKnown Exploited

CVE-2024-7399: Samsung MagicINFO 9 Server Path Traversal Vulnerability

Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1050 allows attackers to write arbitrary file as system authority.

CVSS
8.8 HIGH
EPSS
99.81%
Known exploited
yes
Product
MagicINFO 9 Server

What is known

Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1050 allows attackers to write arbitrary file as system authority.

Sources