CVE-2025-53079

MEDIUM

Samsung Data Management Server Firmware - Absolute Path Traversal

Title source: rule
STIX 2.1

Description

Absolute Path Traversal in Samsung DMS(Data Management Server) allows authenticated attacker (Administrator) to read sensitive files

References (1)

Scores

CVSS v3 4.9
EPSS 0.0012
EPSS Percentile 30.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-36
Status published
Products (1)
samsung/data_management_server_firmware 2.0.0 - 2.3.13.1
Published Jul 29, 2025
Tracked Since Feb 18, 2026