Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2024-7399 PoC — SAMSUNG MagicINFO 安全漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2024/CVE-2024-7399.yaml
Associated Vulnerability
Title:SAMSUNG MagicINFO 安全漏洞 (CVE-2024-7399)
Description:SAMSUNG MagicINFO是韩国三星(SAMSUNG)公司的一款基于 Web 的工具。用于管理内容文件和设备。 SAMSUNG MagicINFO 21.1050之前版本存在安全漏洞,该漏洞源于存在目录遍历漏洞,允许攻击者以系统权限写入任意文件。
Description
Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1050 allows attackers to write arbitrary file as system authority.
File Snapshot

 id: CVE-2024-7399

info:
  name: Samsung MagicINFO 9 Server 21.1050.0 - Remote Code Execution
  auth

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.