CVE-2025-53080
三星DMS存在路径遍历漏洞(CWE-22),允许攻击者创建任意文件;建议更新软件并断开互联网连接以避免风险。 2025-7-29 11:13:0 Author: claroty.com(查看原文) 阅读量:0 收藏
三星DMS存在路径遍历漏洞(CWE-22),允许攻击者创建任意文件;建议更新软件并断开互联网连接以避免风险。 2025-7-29 11:13:0 Author: claroty.com(查看原文) 阅读量:0 收藏
High Threat
CWE-22 IMPROPER LIMITATION OF A PATHNAME TO A RESTRICTED DIRECTORY PATHNAME TO A A RESTRICTED DIRECTORY ('PATH TRAVERSAL'):
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Samsung DMS (Data Management Server) allows authenticated attackers to create arbitary files in unintended locations on the filesystem.
Samsung recommends users to contact a Samsung call center or installer for a software update.
This product is not intended to be connected to the Internet, so please disconnect it from the Internet. Refer to the following statement in the manual: "Use this product only in a separate dedicated network. Samsung Electronics is not liable for any problems caused by connecting it to the Internet or an intranet."
文章来源: https://claroty.com/team82/disclosure-dashboard/cve-2025-53080
如有侵权请联系:admin#unsafe.sh
如有侵权请联系:admin#unsafe.sh