Web Viewer 1.0.0.193 on Samsung SRN-1670D device suffers from an Unrestricted file upload vulnerability. It allows remote authenticated attackers to upload and execute arbitrary PHP code via a filename with a .php extension, which is then accessed via a direct request to the file in the upload directory.
