Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2025-54452
Improper Authentication vulnerability in Samsung Electronics MagicINFO 9 Server allows Authentication Bypass.This issue affects MagicINFO 9 Server: less than 21.1080.0.
CVSS Score
7.3
EPSS Score
0.001
Published
2025-07-23
CVE-2025-54453
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.
CVSS Score
8.8
EPSS Score
0.001
Published
2025-07-23
CVE-2025-54454
Use of Hard-coded Credentials vulnerability in Samsung Electronics MagicINFO 9 Server allows Authentication Bypass.This issue affects MagicINFO 9 Server: less than 21.1080.0.
CVSS Score
9.1
EPSS Score
0.001
Published
2025-07-23
CVE-2025-54446
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Samsung Electronics MagicINFO 9 Server allows Upload a Web Shell to a Web Server.This issue affects MagicINFO 9 Server: less than 21.1080.0
CVSS Score
9.8
EPSS Score
0.001
Published
2025-07-23
CVE-2025-54447
Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.
CVSS Score
8.1
EPSS Score
0.001
Published
2025-07-23
CVE-2024-53288
Improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability in NTP Region functionality in Synology Router Manager (SRM) before 1.3.1-9346-11 allows remote authenticated users with administrator privileges to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
5.9
EPSS Score
0.001
Published
2025-07-23
CVE-2024-53286
Improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in DDNS Record functionality in Synology Router Manager (SRM) before 1.3.1-9346-11 allows remote authenticated users with administrator privileges to execute arbitrary code via unspecified vectors.
CVSS Score
7.2
EPSS Score
0.004
Published
2025-07-23
CVE-2024-53287
Improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability in VPN Setting functionality in Synology Router Manager (SRM) before 1.3.1-9346-11 allows remote authenticated users with administrator privileges to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
5.9
EPSS Score
0.001
Published
2025-07-23
CVE-2025-8010
Type Confusion in V8 in Google Chrome prior to 138.0.7204.168 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVSS Score
8.8
EPSS Score
0.001
Published
2025-07-22
CVE-2025-8039
In some cases search terms persisted in the URL bar even after navigating away from the search page. This vulnerability affects Firefox < 141, Firefox ESR < 140.1, Thunderbird < 141, and Thunderbird < 140.1.
CVSS Score
8.1
EPSS Score
0.0
Published
2025-07-22


Products
Pricing
Contact Us

Shodan ® - All rights reserved