Vulnerability Details CVE-2024-7399
Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1050 allows attackers to write arbitrary file as system authority.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.607
EPSS Ranking 98.2%
CVSS Severity
CVSS v3 Score 8.8
Products affected by CVE-2024-7399
-
cpe:2.3:a:samsung:magicinfo_9_server:-
-
cpe:2.3:a:samsung:magicinfo_9_server:21.1000.3
-
cpe:2.3:a:samsung:magicinfo_9_server:21.1010.2
-
cpe:2.3:a:samsung:magicinfo_9_server:21.1020.0
-
cpe:2.3:a:samsung:magicinfo_9_server:21.1030.0
-
cpe:2.3:a:samsung:magicinfo_9_server:21.1040.2
-
cpe:2.3:a:samsung:magicinfo_9_server:21.1040.3