What the vulnerability does
01Description
Improper access control vulnerability in Samsung Flow prior to version 4.8.06.5 allows attacker to write the file without Samsung Flow permission.
CVSS base score
5.1/10
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
Key dates
02Disclosure timeline
April 11, 2022
CVE published
August 3, 2024
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2024-1701 keerti1924 PHP-MYSQL-User-Login-System edit.php access control
CVE-2023-22487 Post mentions can be used to read any post on the forum without access control
CVE-2024-27891 On affected platforms running Arista EOS with MACsec and egress ACLs configured on the same interfaces, the ACL policies may not be enforced for packets egressing on those ports.
CVE-2023-21752 Windows Backup Service Elevation of Privilege Vulnerability
CVE-2025-2499
