Samsung : Security Vulnerabilities, CVEs, Published In 2017 (Directory traversal)
Samsung wssyncmlnps before 2015-10-31 allows directory traversal in a Kies restore, aka ZipFury.
Max CVSS
6.9
EPSS Score
0.08%
Published
2017-04-13
Updated
2017-04-25
Directory traversal vulnerability in the WifiHs20UtilityService on the Samsung S6 Edge LRX22G.G925VVRU1AOE2 allows remote attackers to overwrite or create arbitrary files as the system-level user via a .. (dot dot) in the name of a file, compressed into a zipped file named cred.zip, and downloaded to /sdcard/Download.
Max CVSS
7.8
EPSS Score
0.34%
Published
2017-06-07
Updated
2017-06-14
Multiple directory traversal vulnerabilities in Samsung SyncThru 6 before 1.0 allow remote attackers to delete arbitrary files via unspecified parameters to (1) upload/updateDriver or (2) upload/addDriver or to execute arbitrary code with SYSTEM privileges via unspecified parameters to (3) uploadCloning.html, (4) fileupload.html, (5) uploadFirmware.html, or (6) upload/driver.
Max CVSS
10.0
EPSS Score
4.85%
Published
2017-06-01
Updated
2017-06-12
3 vulnerabilities found