CVE-2026-25202

CVSS 9.8 CRITICALEPSS 0.4%CWE-798

The database account and password are hardcoded, allowing login with the account to manipulate the database in MagicInfo9 Server.This issue affects MagicINFO 9 Server: less than 21.1090.1.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Samsung Electronics · MagicINFO 9 Server

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://security.samsungtv.com/securityUpdates