CVE-2025-54445

Critical

Improper Restriction of XML External Entity Reference vulnerability in Samsung Electronics MagicINFO 9 Server allows Server Side Request…

samsung.tv_appliance·CWE-611·Published 2025-07-23

CVSS

9.8

EPSS

0.09

KEV

Exploits

cve.orgen

204 chars

Improper Restriction of XML External Entity Reference vulnerability in Samsung Electronics MagicINFO 9 Server allows Server Side Request Forgery.This issue affects MagicINFO 9 Server: less than 21.1080.0.

NVDen

204 chars

NVDes

224 chars

La vulnerabilidad de restricción incorrecta de referencia de entidad externa XML en Samsung Electronics MagicINFO 9 Server permite Server Side Request Forgery. Este problema afecta a MagicINFO 9 Server: anterior a 21.1080.0.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	NVD	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3.1	Primary	cve.org	8.2	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N