module
Samsung MagicINFO 9 Server Remote Code Execution (CVE-2024-7399)
| Disclosed |
|---|
| Apr 30, 2025 |
Disclosed
Apr 30, 2025
Description
Remote Code Execution in Samsung MagicINFO 9 Server
Remote code execution can be obtained by exploiting the path traversal vulnerability (CVE-2024-7399) in the SWUpdateFileUploader servlet,
which can be queried by an unauthenticated user to upload a JSP shell.
By default, the application listens on TCP ports 7001 (HTTP) and 7002 (HTTPS) on all network interfaces and runs in the context of NT AUTHORITY\SYSTEM.
Remote code execution can be obtained by exploiting the path traversal vulnerability (CVE-2024-7399) in the SWUpdateFileUploader servlet,
which can be queried by an unauthenticated user to upload a JSP shell.
By default, the application listens on TCP ports 7001 (HTTP) and 7002 (HTTPS) on all network interfaces and runs in the context of NT AUTHORITY\SYSTEM.
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.