8.8
HIGH
CVE-2024-7399
Samsung MagicINFO 9 Server Path Truncation Vulnerability
Description

Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1050 allows attackers to write arbitrary file as system authority.

INFO

Published Date: Aug. 12, 2024, 1:38 p.m.
Last Modified: Aug. 13, 2024, 3:30 p.m.
Remotely Exploitable: Yes
Impact Score: 5.9
Exploitability Score: 2.8
Public PoC/Exploit Available on GitHub

CVE-2024-7399 has 2 public PoC/exploits available on GitHub. The list appears in the public exploits section below.

Affected Products

The following products are affected by CVE-2024-7399 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID | Vendor | Product
1 | Samsung | magicinfo_9_server

References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2024-7399.

URL | Resource
https://security.samsungtv.com/securityUpdates | Vendor Advisory

We scan GitHub repositories to detect new proof-of-concept exploits. The following list is a collection of public exploits and proof-of-concepts that have been published on GitHub (sorted by most recently updated).

  • CVE PoC repository monitoring tool - Automated discovery and tracking of security vulnerabilities
    Language: Python
    Updated: 17 hours, 38 minutes ago
    0 stars, 0 forks, 0 watchers
    Created: June 8, 2025, 3:07 p.m. This repo has also been linked to 66 different CVEs.

  • None
    Languages: Python, Java
    Updated: 1 week, 2 days ago
    0 stars, 0 forks, 0 watchers
    Created: May 30, 2025, 3:42 p.m. This repo has also been linked to 1 different CVE.

Results are limited to the first 15 repositories due to potential performance issues.

The following news articles mention the CVE-2024-7399 vulnerability anywhere in the article.

  • security.nl
Samsung MagicINFO 9 servers targeted by botnet, update not available

Attackers are actively exploiting a vulnerability in Samsung MagicINFO 9 and a security update is not available. Organizations that use the solution are advised to ... their system ...

Published Date: May 08, 2025 (1 month ago)
  • Help Net Security
Actively exploited FreeType flaw fixed in Android (CVE-2025-27363)

Google has released fixes for a bucketload of Android security vulnerabilities, including a FreeType flaw (CVE-2025-27363) that “may be under limited, targeted exploitation.” About CVE-2025-27363 CVE- ...

Published Date: May 07, 2025 (1 month ago)
  • huntress.com
Rapid Response: Samsung MagicINFO 9 Server Flaw

TL;DR: While reports have indicated the latest version of Samsung MagicINFO 9 Server fixes a high-severity flaw (CVE-2024-7399), Huntress has independently verified that the latest version (21.1050.0) ...

Published Date: May 07, 2025 (1 month ago)
  • BleepingComputer
Samsung MagicINFO 9 Server RCE flaw now exploited in attacks

Hackers are exploiting an unauthenticated remote code execution (RCE) vulnerability in the Samsung MagicINFO 9 Server to hijack devices and deploy malware. Samsung MagicINFO Server is a centralized co ...

Published Date: May 06, 2025 (1 month ago)
  • The Hacker News
Hackers Exploit Samsung MagicINFO, GeoVision IoT Flaws to Deploy Mirai Botnet

Threat actors have been observed actively exploiting security flaws in GeoVision end-of-life (EoL) Internet of Things (IoT) devices to corral them into a Mirai botnet ...

Published Date: May 06, 2025 (1 month ago)
  • Cyber Security News
Samsung MagicINFO 9 Server Vulnerability Exploited in the Wild

A critical security vulnerability in Samsung’s digital signage management platform has moved from theoretical risk to active threat as attackers begin exploiting it in real-world attacks. CVE-2024-739 ...

Published Date: May 06, 2025 (1 month ago)
  • Help Net Security
Exploited: Vulnerability in software for managing Samsung digital displays (CVE-2024-7399)

An easily and remotely exploitable vulnerability (CVE-2024-7399) affecting Samsung MagicINFO, a platform for managing content on Samsung commercial displays, is being leveraged by attackers. Exploit a ...

Published Date: May 06, 2025 (1 month ago)
  • Daily CyberSecurity
Langflow Under Attack: CISA Warns of Active Exploitation of CVE-2025-3248

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has officially added CVE-2025-3248 to its Known Exploited Vulnerabilities (KEV) Catalog, citing evidence of active e ...

Published Date: May 05, 2025 (1 month ago)
  • Daily CyberSecurity
CVE-2024-7399: Samsung MagicINFO Vulnerability Now Actively Exploited in the Wild

A critical security vulnerability, CVE-2024-7399, is being actively exploited in the wild in Samsung MagicINFO 9 Server, a content management system (CMS) widely used for managing digital signage disp ...

Published Date: May 05, 2025 (1 month ago)
  • Daily CyberSecurity
BeyondTrust PRA Vulnerability (CVE-2025-0217) Enables Session Hijacking via Authentication Bypass

A significant security vulnerability has been identified in BeyondTrust’s Privileged Remote Access (PRA) solution, posing a risk to organizations relying on this technology for managing privileged ses ...

Published Date: May 05, 2025 (1 month ago)
  • Cyber Security News
Samsung MagicINFO Vulnerability Allows Remote Code Execution Without Valid User

A critical security vulnerability has been discovered in Samsung’s MagicINFO digital signage management platform that could allow attackers to execute arbitrary code with system-level privileges witho ...

Published Date: Apr 30, 2025 (1 month, 1 week ago)

The following table lists the changes that have been made to the CVE-2024-7399 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • Initial Analysis by [email protected]

    Aug. 13, 2024

    Action | Type | Old Value | New Value
    Added | CVSS V3.1 | | NIST AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
    Changed | Reference Type | https://security.samsungtv.com/securityUpdates No Types Assigned | https://security.samsungtv.com/securityUpdates Vendor Advisory
    Added | CWE | | NIST CWE-22
    Added | CPE Configuration | | OR *cpe:2.3:a:samsung:magicinfo_9_server:*:*:*:*:*:*:*:* versions up to (excluding) 21.1050
  • CVE Received by [email protected]

    Aug. 12, 2024

    Action | Type | Old Value | New Value
    Added | Description | | Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1050 allows attackers to write arbitrary file as system authority.
    Added | Reference | | Samsung TV & Appliance https://security.samsungtv.com/securityUpdates [No types assigned]
    Added | CWE | | Samsung TV & Appliance CWE-22
    Added | CWE | | Samsung TV & Appliance CWE-434
    Added | CVSS V3.1 | | Samsung TV & Appliance AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. The following chart shows the EPSS score history of the vulnerability.

CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2024-7399 is associated with the following CWEs:

© cvefeed.io
Latest DB Update: Jun. 09, 2025 8:45