Critical Alert 2 Active Exploits Detected Today

CVE-2026-42271 BerriAI LiteLLM Command Injection Vulnerability →
CVE-2026-50751 Check Point Security Gateway Improper Authentication Vulnerability →
Powered by CVE Watchtower
×

Critical Alert

CVE-2026-50751 - Critical Check Point VPN Exploit Discovered Active in the Wild. View Threat Details →
Powered by CVE WATCHTOWER
×
June 9, 2026

CVE Watchtower


← Back to CVE List

CVE-2025-54438NVD

Vulnerability Summary

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Samsung Electronics MagicINFO 9 Server allows Upload a Web Shell to a Web Server.This issue affects MagicINFO 9 Server: less than 21.1080.0
Severity Level
CRITICAL(9.8)
Published Date
Jul 23, 2025
Last Modified
Jul 30, 2025
Exploitation Status
????
EPSS Score (30-Day)
Data Pending
Root Weakness (CWE)
CWE-22: Path Traversal β†—
The software uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory.
CVSS v3.1 Base Metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh

External References