Samsung MagicINFO 9 Server contains a path traversal vulnerability that could allow an attacker to write arbitrary files as system authority.

Samsung MagicINFO 9 Server contains a path traversal vulnerability (CVE-2024-7399) that allows attackers to write arbitrary files with system authority privileges. This vulnerability could enable attackers to gain unauthorized access to the system by exploiting improper path validation mechanisms. The vulnerability affects Samsung MagicINFO 9 Server installations and has been assigned a high criticality rating due to the potential for system-level compromise. Samsung has acknowledged the vulnerability and provided security updates through their official security portal. Organizations using Samsung MagicINFO 9 Server should prioritize patching this vulnerability to prevent potential exploitation.