CVE-2026-25202 – Samsung MagicINFO 9 Server Multiple Vulnerabilities
“These vulnerabilities hand attackers the keys to the system. One allows malicious content to silently hijack accounts, while another exposes hardcoded database credentials that could give attackers direct control of the platform’s backend.”
Samsung released a security patch addressing two critical vulnerabilities in MagicINFO 9 Server, the centralized platform used to manage digital signage displays. These issues affect versions prior to 21.1090.1 and could allow attackers to compromise system integrity, manipulate content, or access sensitive backend systems controlling displays across enterprise environments.
CVE-2026-25200 is a Stored Cross-Site Scripting (XSS) vulnerability that allows attackers to upload malicious HTML files. Once executed, the malicious content can run within a user’s session and potentially lead to account takeover or unauthorized actions within the management platform. This vulnerability carries a CVSS v3.1 score of 9.8 (Critical).
CVE-2026-25202 exposes hardcoded database credentials embedded within the application. Attackers who discover these credentials can directly access and manipulate the backend database without authentication. This could allow attackers to alter signage content, tamper with system configurations, or gain deeper control over the infrastructure. This vulnerability has a CVSS v3.1 score of 9.8 (Critical).
Both vulnerabilities were addressed in MagicINFO 9 Server version 21.1090.1, which removes the hardcoded credentials and strengthens file upload validation mechanisms. No confirmed real-world exploitation or public proof-of-concept code has been verified at this time.
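The strengthened upload validation in 21.1090.1 is not published. As an added example that is not Samsung's code, the following Python shows the kind of check a signage server can apply so that an HTML file disguised as media is refused and stored uploads are served in a way a browser will never render as a document. The extension allowlist, the markup marker list and the sample files are constructed for illustration.

```python
import re
from dataclasses import dataclass, field

# Allowlisted media extensions with the magic bytes each must start with and the
# MIME type it is served back as (a hypothetical policy, not MagicINFO's own).
ALLOWED = {
    ".png": (b"\x89PNG\r\n\x1a\n", "image/png"),
    ".jpg": (b"\xff\xd8\xff", "image/jpeg"),
    ".jpeg": (b"\xff\xd8\xff", "image/jpeg"),
}

# Markup that would let a stored file run in a user's session if a browser
# ever rendered it as a document.
HTML_MARKERS = re.compile(
    rb"<\s*(script|html|body|iframe|svg|object|embed|meta|link)\b|javascript:",
    re.IGNORECASE,
)

@dataclass
class UploadVerdict:
    accepted: bool
    reason: str
    headers: dict = field(default_factory=dict)

def validate_upload(filename: str, data: bytes) -> UploadVerdict:
    """Decide whether an uploaded media file is stored and how it is served."""
    ext = ("." + filename.rsplit(".", 1)[1].lower()) if "." in filename else ""
    if ext not in ALLOWED:
        return UploadVerdict(False, f"extension {ext or '(none)'} not allowlisted")
    magic, mime = ALLOWED[ext]
    # The extension is attacker-controlled; the bytes must agree with it.
    if not data.startswith(magic):
        return UploadVerdict(False, f"content does not match {ext} signature")
    # Defense in depth: a file with valid magic bytes can still carry markup
    # (a polyglot), so refuse anything that looks like active content.
    if HTML_MARKERS.search(data[:65536]):
        return UploadVerdict(False, "active HTML/script content detected")
    # Headers that keep the browser from ever treating stored media as HTML;
    # the declared type is trusted only because the bytes were verified above.
    safe_name = re.sub(r"[^\w.-]", "_", filename)
    headers = {
        "Content-Type": mime,
        "X-Content-Type-Options": "nosniff",
        "Content-Disposition": f'attachment; filename="{safe_name}"',
        "Content-Security-Policy": "sandbox",
    }
    return UploadVerdict(True, "ok", headers)

# Constructed samples: a minimal PNG header, an HTML page renamed as an image,
# and a polyglot that carries valid PNG magic bytes followed by markup.
SAMPLE_PNG = b"\x89PNG\r\n\x1a\n" + b"\x00\x00\x00\rIHDR" + b"\x00" * 13
SAMPLE_HTML_AS_PNG = b"<html><body><script>alert(1)</script></body></html>"
SAMPLE_POLYGLOT = SAMPLE_PNG + b"<script>alert(1)</script>"
```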
Key Details
- Affected Product: Samsung MagicINFO 9 Server
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- CWE Classification: CWE-798