CVE-2025-53080
HIGHSamsung Data Management Server Firmware 2.0.0-2.3.13.1 - Authenticated Path Traversal
Title source: llmDescription
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Samsung DMS(Data Management Server) allows authenticated attackers to create arbitrary files in unintended locations on the filesystem
References (1)
Core 1
Core References
Vendor Advisory
https://security.samsungda.com/securityUpdates.html
Scores
CVSS v3
7.1
EPSS
0.0028
EPSS Percentile
51.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-22
Status
published
Products (1)
samsung/data_management_server_firmware
2.0.0 - 2.3.13.1
Published
Jul 29, 2025
Tracked Since
Feb 18, 2026