9197/tcp open upnp Samsung AllShare upnpd 1.0 (UPnP 1.1)
| vulscan: VulDB - https://vuldb.com:
| [138897] Netgear WNDR3400v3 1.0.1.18_1.0.63 upnpd UPnP SSDP Packet Stack-based memory corruption
| [76316] Samsung SBeam 15000 NFC Connection information disclosure
| [63484] MiniUPnPd 1.0 SOAPACTION ExecuteSoapAction denial of service
| [63483] MiniUPnPd 1.0 SOAPACTION ExecuteSoapAction denial of service
| [63482] MiniUPnPd 1.0 SOAPACTION ExecuteSoapAction memory corruption
| [63481] MiniUPnPd 1.0/1.1/1.2/1.3 SDP minissdp.c ProcessSSDPRequest denial of service
| [135896] Samsung Galaxy S9 up to 1.4.20 GameServiceReceiver Update Code Execution memory corruption
| [113616] Knox SDS IAM/SDS EMM 16.11 on Samsung Mobile weak encryption
| [98938] Samsung Account up to 1.6/2.1 weak encryption
| [75176] Samsung Security Manager up to 1.30 HTTP Request privilege escalation
| [74288] Samsung iPOLiS Device Manager 1.12.2 OCX ActiveX Control XnsSdkDeviceIpInstaller.ocx WriteConfigValue memory corruption
| [74213] Samsung Samsung Security Manager up to 1.29 denial of service
| [71220] Miniupnpd 1.9 miniwget.c getHTTPResponse denial of service
| [70020] Samsung iPOLiS Device Manager up to 1.8.1 ActiveX Control memory corruption
| [69949] Samsung iPOLiS Device Manager up to 1.8.1 ActiveX Control Stack-Based memory corruption
| [66860] Samsung Kies 2.5.0.12114 1 ActiveX Control SyncService.dll memory corruption
| [61634] Samsung NET-i viewer 1.37.120316 denial of service
| [61633] Samsung NET-i viewer 1.37.120316 ActiveX Control memory corruption
| [61632] Samsung NET-i viewer 1.37.120316 ActiveX Control Stack-based memory corruption
| [61562] Samsung NET-i viewer 1.37 OCX ActiveX Control XProcessControl.ocx RequestScreenOptimization memory corruption
| [57396] Samsung Data Management Server up to 1.4.1 Authentication Form sql injection
|
| MITRE CVE - https://cve.mitre.org:
| [CVE-2013-1462] Integer signedness error in the ExecuteSoapAction function in the SOAPAction handler in the HTTP service in MiniUPnP MiniUPnPd 1.0 allows remote attackers to cause a denial of service (incorrect memory copy) via a SOAPAction header that lacks a " (double quote) character, a different vulnerability than CVE-2013-0230.
| [CVE-2013-1461] The ExecuteSoapAction function in the SOAPAction handler in the HTTP service in MiniUPnP MiniUPnPd 1.0 allows remote attackers to cause a denial of service (NULL pointer dereference and service crash) via a SOAPAction header that lacks a # (pound sign) character, a different vulnerability than CVE-2013-0230.
| [CVE-2013-0230] Stack-based buffer overflow in the ExecuteSoapAction function in the SOAPAction handler in the HTTP service in MiniUPnP MiniUPnPd 1.0 allows remote attackers to execute arbitrary code via a long quoted method.
| [CVE-2013-2310] SoftBank Wi-Fi Spot Configuration Software, as used on SoftBank SHARP 3G handsets, SoftBank Panasonic 3G handsets, SoftBank NEC 3G handsets, SoftBank Samsung 3G handsets, SoftBank mobile Wi-Fi routers, SoftBank Android smartphones with the Wi-Fi application before 1.7.1, SoftBank Windows Mobile smartphones with the WISPrClient application before 1.3.1, SoftBank Disney Mobile Android smartphones with the Wi-Fi application before 1.7.1, and WILLCOM Android smartphones with the Wi-Fi application before 1.7.1, does not properly connect to access points, which allows remote attackers to obtain sensitive information by leveraging access to an 802.11 network.
| [CVE-2013-0229] The ProcessSSDPRequest function in minissdp.c in the SSDP handler in MiniUPnP MiniUPnPd before 1.4 allows remote attackers to cause a denial of service (service crash) via a crafted request that triggers a buffer over-read.
| [CVE-2012-4335] Samsung NET-i viewer 1.37.120316 allows remote attackers to cause a denial of service (infinite loop) via a negative size value in a TCP request to (1) NiwMasterService or (2) NiwStorageService. NOTE: some of these details are obtained from third party information.
| [CVE-2012-4334] The ConnectDDNS method in the (1) STWConfigNVR 1.1.13.15 and (2) STWConfig 1.1.14.13 ActiveX controls in Samsung NET-i viewer 1.37.120316 allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: some of these details are obtained from third party information.
| [CVE-2012-4333] Multiple stack-based buffer overflows in the BackupToAvi method in the (1) UMS_Ctrl 1.5.1.1 and (2) UMS_Ctrl_STW 2.0.1.0 ActiveX controls in Samsung NET-i viewer 1.37.120316 allow remote attackers to execute arbitrary code via a long string in the fname parameter. NOTE: some of these details are obtained from third party information.
| [CVE-2012-4250] Stack-based buffer overflow in the RequestScreenOptimization function in the XProcessControl.ocx ActiveX control in msls31.dll in Samsung NET-i viewer 1.37 allows remote attackers to execute arbitrary code via a long string in the first argument.
| [CVE-2012-2990] The MASetupCaller ActiveX control before 1.4.2012.508 in MASetupCaller.dll in MarkAny ContentSAFER, as distributed in Samsung KIES before 2.3.2.12074_13_13, does not properly implement unspecified methods, which allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via a crafted HTML document.
| [CVE-2012-1418] Multiple unspecified vulnerabilities in Google Chrome before 17.0.963.60 on the Acer AC700, Samsung Series 5, and Cr-48 Chromebook platforms have unknown impact and attack vectors.
| [CVE-2012-0695] Multiple unspecified vulnerabilities in Google Chrome before 17.0.963.27 on the Acer AC700, Samsung Series 5, and Cr-48 Chromebook platforms have unknown impact and attack vectors.
| [CVE-2011-4719] Multiple unspecified vulnerabilities in Google Chrome before 16.0.912.63 on the Acer AC700, Samsung Series 5, and Cr-48 Chromebook platforms have unknown impact and attack vectors.
| [CVE-2011-4548] Multiple unspecified vulnerabilities in Google Chrome before 16.0.912.44 on the Acer AC700, Samsung Series 5, and Cr-48 Chromebook platforms have unknown impact and attack vectors.
| [CVE-2011-3421] Multiple unspecified vulnerabilities in Google Chrome before 14.0.835.125 on the Acer AC700, Samsung Series 5, and Cr-48 Chromebook platforms have unknown impact and attack vectors.
| [CVE-2011-3420] Multiple unspecified vulnerabilities in Google Chrome before 14.0.835.157 on the Acer AC700, Samsung Series 5, and Cr-48 Chromebook platforms have unknown impact and attack vectors.
| [CVE-2010-4284] SQL injection vulnerability in the authentication form in the integrated web server in the Data Management Server (DMS) before 1.4.3 in Samsung Integrated Management System allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
| [CVE-2007-3445] Buffer overflow in SJ Labs SJphone 1.60.303c, running under Windows Mobile 2003 on the Samsung SCH-i730 phone, allows remote attackers to cause a denial of service (device hang and call termination) via a malformed SIP INVITE message, a different vulnerability than CVE-2007-3351.
|
| SecurityFocus - https://www.securityfocus.com/bid/:
| [54055] Samsung AllShare 'Content-Length' HTTP Header Remote Denial Of Service Vulnerability
| [102336] Samsung/Seagate Self-Encrypting Drive Protection CVE-2015-7267 Local Security Bypass Vulnerability
| [102334] Samsung/Seagate Self-Encrypting Drives Protection CVE-2015-7268 Local Security Bypass Vulnerability
| [99081] Samsung Magician CVE-2017-3218 Remote Code Execution Vulnerability
| [97703] Multiple Samsung Galaxy Products CVE-2016-4031 Security Bypass Vulnerability
| [97701] Multiple Samsung Galaxy Products CVE-2016-4030 Security Bypass Vulnerability
| [97658] Samsung SecEmailSync CVE-2016-2565 Information Disclosure Vulnerability
| [97654] Samsung SecEmailSync CVE-2016-2566 SQL Injection Vulnerability
| [97650] Multiple Samsung Galaxy Products CVE-2016-4032 Security Bypass Vulnerability
| [97207] Samsung Account CVE-2015-0864 Information Disclosure Vulnerability
| [96360] Multiple Samsung Android Mobile Devices CVE-2016-4547 Denial of Service Vulnerability
| [96128] Multiple Samsung Android Mobile Devices InputMethod Application Denial of Service Vulnerability
| [95674] Samsung CVE-2017-5538 Remote Memory Corruption Vulnerability
| [95424] Multiple Samsung Android Mobile Devices CVE-2017-5350 Denial of Service Vulnerability
| [95418] Multiple Samsung Android Mobile Devices CVE-2017-5351 Denial of Service Vulnerability
| [95319] Multiple Samsung Android Mobile Phones CVE-2017-5217 Denial of Service Vulnerability
| [95134] Multiple Samsung Devices 'OTP' Service Remote Heap Buffer Overflow Vulnerability
| [95092] Multiple Samsung Galaxy Product Information Disclosure Vulnerability
| [94955] Samsung Mobile Phones Multiple Denial of Service Vulnerabilities
| [94494] Multiple Samsung Galaxy Product CVE-2016-9567 Security Bypass Vulnerability
| [94292] Samsung Mobile Phones SystemUI CVE-2016-9277 Denial of Service Vulnerability
| [94283] Samsung Mobile Phones Information Disclosure and Denial of Service Vulnerabilities
| [94120] Samsung Mobile Phones CVE-2016-7160 Null Pointer Dereference Denial of Service Vulnerability
| [94088] Multiple Samsung Galaxy Product CVE-2016-7991 Security Bypass Vulnerability
| [94086] Multiple Samsung Galaxy Devices CVE-2016-7990 Integer Overflow Vulnerability
| [94082] Multiple Samsung Galaxy Devices CVE-2016-7989 Denial of Service Vulnerability
| [94081] Samsung Mobile Phones CVE-2016-7988 Denial of Service Vulnerability
| [92539] Samsung Security Manager Multiple Remote Command Execution and Denial of Service Vulnerabilities
| [92349] Samsung 'fimg2d' Driver Null Pointer Deference Local Denial of Service Vulnerability
| [92330] Samsung Android Phone Multiple Privilege Escalation Vulnerabilities
| [91191] Samsung SW Update Software Local Privilege Escalation Vulnerability
| [90104] Samsung Mobile Phones 'IAndroidShm' Service Denial of Service Vulnerability
| [90100] Samsung Mobile Phones 'TvoutService_C' Service Denial of Service Vulnerability
| [86366] Samsung 'msm_sensor_config' Function CVE-2016-4038 Remote Memory Corruption Vulnerability
| [86278] Samsung KNOX CVE-2016-3996 Information Disclosure Vulnerability
| [84287] Samsung SW Update Tool Security Bypass Vulnerability
| [84284] Samsung SW Update Tool Information Disclosure Vulnerability
| [81063] Samsung KNOX CVE-2016-1920 Man in the Middle Information Disclosure Vulnerability
| [81056] Samsung KNOX CVE-2016-1919 Weak Encryption Security Weakness
| [80381] Samsung SRN-1670D Camera Multiple Security Vulnerabilities
| [79675] Samsung SmartTV and Printers CVE-2015-5729 Weak Password Security Vulnerability
| [78024] Miniupnpd CVE-2013-1461 Denial-Of-Service Vulnerability
| [77431] Samsung SecEmailUI CVE-2015-7893 Security Vulnerability
| [77430] Samsung Galaxy S6 CVE-2015-7898 Denial of Service Vulnerability
| [77429] Samsung Galaxy S6 CVE-2015-7895 Denial of Service Vulnerability
| [77425] Samsung LibQjpeg CVE-2015-7896 Remote Memory Corruption Vulnerability
| [77423] Samsung LibQjpeg CVE-2015-7894 Remote Memory Corruption Vulnerability
| [77422] Samsung Galaxy S6 CVE-2015-7897 Memory Corruption Vulnerability
| [77339] Samsung SecEmailComposer CVE-2015-7889 Local Privilege Escalation Vulnerability
| [77338] Samsung Galaxy S6 CVE-2015-7888 Directory Traversal Vulnerability
| [77337] Samsung m2m1shot Driver CVE-2015-7892 Local Buffer Overflow Vulnerability
| [77336] Samsung Sieren Kernel Driver CVE-2015-7890 Local Buffer Overflow Vulnerability
| [77335] Samsung Fimg2d CVE-2015-7891 Local Race Condition Security Bypass Vulnerability
| [77084] Samsung SmartViewer 'CNC_Ctrl' ActiveX Control Remote Code Execution Vulnerability
| [77083] RETIRED: Samsung SmartViewer 'SendCustomPacket' Method Remote Code Execution Vulnerability
| [77079] Samsung SmartViewer CVE-2015-8039 Multiple Remote Code Execution Vulnerabilities
| [76946] Samsung XNS ActiveX SDK ActiveX Control Multiple Remote Code Execution Vulnerabilities
| [76807] Samsung S4 GT-I9500 Memory Corruption and Information Disclosure Vulnerabilities
| [75912] Samsung SyncThru CVE-2015-5473 Multiple Directory Traversal Vulnerabilities
| [75404] Samsung SBeam CVE-2015-4033 Information Disclosure Vulnerability
| [75403] Samsung Galaxy S5 CVE-2015-4034 Remote Code Execution Vulnerability
| [75229] RETIRED: Samsung Galaxy S Phones CVE-2015-2865 Man in The Middle Security Bypass Vulnerability
| [74877] Samsung iPOLiS Device Manager ActiveX Control CVE-2015-0555 Multiple Buffer Overflow Vulnerabilities
| [74400] Samsung Security Manager ActiveMQ Broker Service Multiple Remote Code Execution Vulnerabilities
| [72598] Samsung Security Manager CVE-2015-1499 Security Bypass Vulnerability
| [71489] Samsung SmartViewer 'STWConfig' ActiveX Remote Code Execution Vulnerability
| [71486] Samsung SmartViewer 'CNC_Ctrl' ActiveX Stack Buffer Overflow Vulnerability
| [71148] Multiple Samsung Galaxy Devices KNOX Arbitrary Code Execution Vulnerability
| [67823] Samsung iPOLiS Device Manager 'FindConfigChildeKeyList()' Method Stack Buffer Overflow Vulnerability
| [67822] Samsung iPOLiS Device Manager ActiveX Control Multiple Remote Code Execution Vulnerabilities
| [66192] Samsung Proprietary Android Backdoor Unauthorized Access Vulnerability
| [63726] Samsung Galaxy S4 Unspecified Security Vulnerability
| [61942] Samsung DVR CVE-2013-3585 Information Disclosure Vulnerability
| [61938] Samsung DVR CVE-2013-3586 Cookie Authentication Bypass Vulnerability
| [61881] Samsung DVR Multiple Access Bypass Vulnerabilities
| [61391] Samsung PS50C7700 3D Plasma-TV CVE-2013-4890 Denial of Service Vulnerability
| [61281] Samsung Galaxy S3 And S4 CVE-2013-4764 Local Security Bypass Vulnerability
| [61280] Samsung Galaxy S3 And S4 CVE-2013-4763 Local Security Bypass Vulnerability
| [60756] Samsung Galaxy S4 SMS Spoofing Vulnerability
| [60527] Samsung SHR-5162 and SHR-5082 CVE-2013-3964 Unspecified Cross Site Scripting Vulnerability
| [58320] Samsung TV 'SOAPACTION' Denial of Service Vulnerability
| [58312] Samsung Galaxy S3 Full Lock Screen Security Bypass Vulnerability
| [58123] Samsung Galaxy S3 Screen Lock Security Bypass Vulnerability
| [57249] Samsung Kies CVE-2012-6429 Remote Buffer Overflow Vulnerability
| [57131] SamsungDive for Android CVE-2012-6337 Spoofing Vulnerability
| [57127] SamsungDive for Android CVE-2012-6334 Spoofing Vulnerability
| [56955] Samsung SmartPhones Local Privilege Escalation Vulnerability
| [56692] Samsung and Dell printers Firmware Backdoor Unauthorized Access Vulnerability
| [56560] Samsung Kies Air Denial of Service and Security Bypass Vulnerabilities
| [55936] Samsung Kies Multiple Security Vulnerabilities
| [55053] Samsung Galaxy S2 Epic 4G Touch Multiple Insecure Temporary File Creation Vulnerabilities
| [55047] Multiple Samsung and HTC Devices Information Disclosure Vulnerability
| [53317] Samsung NET-i Viewer 'msls31.dll' ActiveX Buffer Overflow Vulnerability
| [53193] Samsung NET-i ware Multiple Remote Vulnerabilities
| [53161] Samsung TV and BD Products Multiple Denial Of Service Vulnerabilities
| [50682] Samsung Omnia 7 'RapidConfig.exe' XML Provision Remote Code Execution Vulnerability
| [47746] Samsung Integrated Management System DMS SQL Injection Vulnerability
| [34705] Multiple Samsung Devices SMS Provisioning Messages Authentication Bypass Vulnerability
| [31047] Samsung DVR SHR-2040 HTTPD Denial of Service Vulnerability
| [24953] Samsung Linux Printer Driver SetUID Script Local Privilege Escalation Vulnerability
| [16517] Samsung E730 Phone Remote Denial of Service Vulnerability
| [12864] Samsung DSL Modem Multiple Remote Vulnerabilities
| [10219] Samsung SmartEther Switch Firmware Authentication Bypass Vulnerability
| [3008] Samsung ml85p Printer Utility Insecure Temporary File Creation Vulnerability
|
| IBM X-Force - https://exchange.xforce.ibmcloud.com:
| [85904] Samsung PS50C7700 TV denial of service
| [85774] MiniUPnPd Minissdp.c information disclosure
| [85190] Samsung Galaxy S4 spoofing
| [84925] Samsung SHR Series IP cameras unspecified cross-site scripting
| [82662] Samsung TV SOAPACTION denial of service
| [82602] Samsung Galaxy S III Lock Screen security bypass
| [82352] Samsung Galaxy S III Passcode Lock security bypass
| [81803] MiniUPnP MiniUPnPd ExecuteSoapAction denial of service
| [80926] Samsung Galaxy security bypass
| [80923] Samsung Galaxy SamsungDive information disclosure
| [80886] Samsung SmartPhones privilege escalation
| [80709] Samsung Galaxy S2 kernel privilege escalation
| [80336] Samsung printers backdoor
| [80092] Samsung Kies Air security bypass
| [80091] Samsung Kies Air GET denial of service
| [79445] Samsung Kies ActiveX Control registry key security bypass
| [79443] Samsung Kies ActiveX Control security bypass
| [79284] Samsung Kies ActiveX Control CmdAgentLib() security bypass
| [79283] Samsung Kies ActiveX CmdAgent.dll code execution
| [79268] Samsung Kies Samsung.Device Service ActiveX control denial of service
| [79193] Samsung Galaxy S III sandbox privilege escalation
| [79192] Samsung Galaxy S III document viewer code execution
| [78904] Samsung Galaxy S III USSD denial of service
| [77811] Samsung Galaxy S2 Epic 4G Touch symlink
| [76396] AllShare libpin3_dll.dll denial of service
| [75310] Samsung NET-i viewer ActiveX control buffer overflow
| [75070] Samsung NET-i ware ActiveX control buffer overflow
| [75069] Samsung NET-i ware ActiveX control code execution
| [75066] Samsung NET-i ware Master and Storage denial of service
| [74928] Multiple Samsung TV and BD products string denial of service
| [74927] Multiple Samsung TV and BD products controller packet denial of service
| [71316] Samsung Omnia 7 RapiConfig.exe code execution
| [67315] Samsung Integrated Management System DMS authentication form SQL Injection
| [50110] Samsung SMS messages authentication bypass
| [44995] Samsung DVR SHR2040 Web interface denial of service
| [35502] Samsung SCX-4200 driver installation script privilege escalation
| [19927] Samsung default accounts and passwords allow unauthorized access
| [19925] Samsung ADSL Router information disclosure
| [15973] Samsung SmartEther allows administrative access
| [6845] Samsung ML-85G printer driver /tmp symlink
|
| Exploit-DB - https://www.exploit-db.com:
| [25975] MiniUPnPd 1.0 Stack Buffer Overflow Remote Code Execution
| [21001] Samsung ml85p Printer Driver 1.0 Insecure Temporary File Creation Vulnerability (3)
| [21000] Samsung ml85p Printer Driver 1.0 Insecure Temporary File Creation Vulnerability (2)
| [20999] Samsung ml85p Printer Driver 1.0 Insecure Temporary File Creation Vulnerability (1)
| [27753] Samsung DVR Firmware 1.10 - Authentication Bypass
| [18808] SAMSUNG NET-i Viewer 1.37 SEH Overwrite
| [18765] samsung net-i ware <= 1.37 - Multiple Vulnerabilities
|
| OpenVAS (Nessus) - http://www.openvas.org:
| [902935] Samsung Printer SNMP Hardcoded Community String Authentication Bypass Vulnerability
|
| SecurityTracker - https://www.securitytracker.com:
| [1028821] Samsung PS50C7700 TV Web Server Processing Flaw Lets Remote Users Deny Service
| [1027894] Samsung Phone '/dev/exynos-mem' Lets Local Users Gain Root Privileges
| [1027819] Samsung Printers Hardcoded Password Lets Remote Users Gain Administrative Access
| [1027571] Samsung Galaxy Phones Android Dialer Lets Remote Users Deny Service
| [1026976] Samsung TV Bug in Remote Control Feature Lets Remote Users Deny Service
| [1025508] Samsung Data Management Server Input Validation Flaw Lets Remote Users Inject SQL Commands
| [1013615] Samsung ADSL Router Discloses Files to Remote Users and May Grant Root Access Via Common Default Passwords
| [1009947] Samsung SmartEther Authentication Failure Lets Remote Users Gain Administrative Access
| [1002019] Samsung ML-85G Printer Driver Allows Local Users to Obtain Root Level Access on the Host
|
| OSVDB - http://www.osvdb.org:
| [91493] Google Android on Samsung Unspecified Privileged Application Installation (Issue 1)
| [83012] Samsung AllShare libpin3_dll.dll Content-Length HTTP Header Parsing NULL Pointer Dereference Remote DoS