← Back

CVE-2025-53079

nvd nist
Published: Jul 29, 2025Modified: Aug 11, 2025

JSON object

Loading...
4.9
Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Exploitability: 1.2 / Impact: 3.6
Source: PSIRT@samsung.com (Secondary)

Description

Absolute Path Traversal in Samsung DMS(Data Management Server) allows authenticated attacker (Administrator) to read sensitive files

Affected (3)

Samsung
1 product
Data Management Server Firmware
Configuration A
3 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Samsung
Data Management Server Firmware
From 2.0.0 to 2.3.13.1
Data Management Server Firmware
From 2.5.0.17 to 2.6.14.1
Data Management Server Firmware
From 2.7.0.15 to 2.9.3.6
Running on/withPlatform Versions
Samsung
Data Management Server
All versions

Related CWEs

CWE-36
Absolute Path Traversal
The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize absolute path sequences such as "/abs/path" that can resolve to a location that is outside of that directory.

References (1)

Source: PSIRT@samsung.com
Vendor Advisory

Timeline

No history available yet.