CVE-2025-53081

Summary

An 'Arbitrary File Creation' in Samsung DMS(Data Management Server) allows attackers to create arbitrary files in unintended locations on the filesystem. Exploitation is restricted to specific, authorized private IP addresses.

Affected Software

VendorProductVersion RangeStatus
Samsung ElectronicsData Management Server2.0.0 < 2.3.13.1affected
Samsung ElectronicsData Management Server2.5.0.17 < 2.6.14.1affected
Samsung ElectronicsData Management Server2.7.0.15 < 2.9.3.6affected

Weaknesses

  • CWE-22: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References