top of page
perceptive_background_267k.jpg

The database account and password are hardcoded, allowing login with the account to manipulate the database in MagicInfo9 Server.This issue affects MagicINFO 9 …

Published:

1 February 2026 at 23:00:00

Alert date:

2 February 2026 at 06:01:15

Source:

nvd.nist.gov

Click to open the original link from this advisory

Database & Storage, Enterprise Applications

A critical vulnerability in Samsung's MagicInfo9 Server allows unauthorized database access through hardcoded credentials. The hardcoded database account and password enable attackers to login and manipulate the database directly. This vulnerability affects MagicINFO 9 Server versions prior to 21.1090.1. The issue represents a significant security flaw as it provides direct database access without proper authentication. Organizations using affected versions should upgrade immediately to prevent unauthorized data manipulation.

Technical details

Mitigation steps:

Affected products:

MagicINFO 9 Server

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-25202
https://security.samsungtv.com/securityUpdates

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: Deze website toont informatie afkomstig van externe bronnen. Perceptive aanvaardt geen verantwoordelijkheid voor de inhoud, juistheid of volledigheid van deze informatie.

bottom of page