An 'Arbitrary File Creation' in Samsung DMS(Data Management Server) allows attackers to create arbitrary files in unintended locations on the filesystem. Exploitation is restricted to specific, authorized private IP addresses.
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:HSamsung Data Management Server
HWSamsungwszystkie wersjeSamsung Data Management Server Firmware
OSSamsung2.0.0 – 2.3.13.1 (bez)2.5.0.17 – 2.6.14.1 (bez)2.7.0.15 – 2.9.3.6 (bez)
Related vulnerabilities
Deserialization of Untrusted Data in Samsung DMS(Data Management Server) allows attackers to execute arbitrary...
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Samsung DMS(Data Management ...
SQL injection vulnerability in the authentication form in the integrated web server in the Data Management Ser...
An execution after redirect in Samsung DMS(Data Management Server) allows attackers to execute limited functio...
Absolute Path Traversal in Samsung DMS(Data Management Server) allows authenticated attacker (Administrator) t...