CNNVD-202507-2982 Information

CNNVD ID

CNNVD-202507-2982

Related CVE

CVE-2025-54445

• CNNVD Published: 2025-07-23

Description (Chinese)

SAMSUNG MagicINFO 9 Server是韩国三星（SAMSUNG）公司的一个企业级数字标牌内容管理与设备监控平台。 SAMSUNG MagicINFO 9 Server 21.1080.0之前版本存在安全漏洞，该漏洞源于XML外部实体引用限制不当，可能导致服务端请求伪造。

Description (English)

SAMSUNG MagicINFO 9 Server is an enterprise-level digital billboard content management and equipment control platform of the Korea Samsung Corporation. The previous version of SAMSUNG MagicINFO 9 Server 21.1080.0 had a security loophole, which stemmed from inappropriate reference restrictions by external XML entities and could lead to the forgery of service-level requests.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

三星

Published

2025-07-23

Last Modified

2026-02-24

References

https://security.samsungtv.com/securityUpdates

Patch

https://docs.samsungvx.com/docs/display/MS9/Release+Information#ReleaseInformation-MagicINFO9Server(21.1080.0)ReleaseNotes