Vulnerability Details CVE-2026-25201
An unauthenticated user can upload arbitrary files to execute remote code, leading to privilege escalation in MagicInfo9 Server.
This issue affects MagicINFO 9 Server: less than 21.1090.1.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 9.5%
CVSS Severity
CVSS v3 Score 8.8
Products affected by CVE-2026-25201
-
cpe:2.3:a:samsung:magicinfo_9_server:-
-
cpe:2.3:a:samsung:magicinfo_9_server:21.1000.3
-
cpe:2.3:a:samsung:magicinfo_9_server:21.1010.2
-
cpe:2.3:a:samsung:magicinfo_9_server:21.1020.0
-
cpe:2.3:a:samsung:magicinfo_9_server:21.1030.0
-
cpe:2.3:a:samsung:magicinfo_9_server:21.1040.2
-
cpe:2.3:a:samsung:magicinfo_9_server:21.1040.3
-
cpe:2.3:a:samsung:magicinfo_9_server:21.1050.0
-
cpe:2.3:a:samsung:magicinfo_9_server:21.1052.0
-
cpe:2.3:a:samsung:magicinfo_9_server:21.1060.0
-
cpe:2.3:a:samsung:magicinfo_9_server:21.1070.0
-
cpe:2.3:a:samsung:magicinfo_9_server:21.1080.0