CVE-2025-4632 PoC — SAMSUNG MagicINFO 9 Server 安全漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2025/CVE-2025-4632.yaml

Associated Vulnerability

Title:SAMSUNG MagicINFO 9 Server 安全漏洞 (CVE-2025-4632)
Description:SAMSUNG MagicINFO 9 Server是韩国三星（SAMSUNG）公司的一个企业级数字标牌内容管理与设备监控平台。 SAMSUNG MagicINFO 9 Server 21.1052之前版本存在安全漏洞，该漏洞源于路径名限制不当，可能导致以系统权限写入任意文件。

Description

Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1052 allows attackers to write arbitrary file as system authority.

File Snapshot


 id: CVE-2025-4632

info:
  name: Samsung MagicINFO 9 Server - File Upload & Remote Code Execution
  

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!