COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2024-7399

CVE-2024-7399

Severity
high · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2026-04-24
Reference
https://nvd.nist.gov/vuln/detail/CVE-2024-7399
⚡ RCE ⌖ exploited in the wild shame 45/100 rceexploited-in-wildunpatched

Samsung MagicINFO 9 Server path traversal vulnerability allows attackers to write arbitrary files as system authority.

This vulnerability enables attackers to write files as system authority, potentially leading to privilege escalation or system compromise. DIB organizations should audit Samsung MagicINFO 9 Server deployments and apply patches immediately to prevent unauthorized file system access.

Shame score — A known path traversal vulnerability that allows file writing as system authority, though not directly RCE, poses significant security risks.

Players implicated

Samsung · vendorMagicINFO 9 Server · product

Description

Samsung MagicINFO 9 Server contains a path traversal vulnerability that could allow an attacker to write arbitrary files as system authority.

Affected FedRAMP products 0 in the catalog

No correlated FedRAMP products.