Synology

Tc500 Firmware

8 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2024-39350

  • EPSS 0.05%
  • Veröffentlicht 28.06.2024 07:15:06
  • Zuletzt bearbeitet 21.11.2024 09:27:31

A vulnerability regarding authentication bypass by spoofing is found in the RTSP functionality. This allows man-in-the-middle attackers to obtain privileges without consent via unspecified vectors. The following models with Synology Camera Firmware v...

4.9

CVE-2024-39352

  • EPSS 0.07%
  • Veröffentlicht 28.06.2024 06:15:06
  • Zuletzt bearbeitet 10.04.2025 18:14:54

A vulnerability regarding incorrect authorization is found in the firmware upgrade functionality. This allows remote authenticated users with administrator privileges to bypass firmware integrity check via unspecified vectors. The following models wi...

9.8

CVE-2024-39349

  • EPSS 6.41%
  • Veröffentlicht 28.06.2024 06:15:05
  • Zuletzt bearbeitet 10.04.2025 19:03:39

A vulnerability regarding buffer copy without checking size of input ('Classic Buffer Overflow') is found in the libjansson component and it does not affect the upstream library. This allows remote attackers to execute arbitrary code via unspecified ...

7.2

CVE-2024-39351

  • EPSS 0.66%
  • Veröffentlicht 28.06.2024 06:15:05
  • Zuletzt bearbeitet 10.04.2025 18:38:11

A vulnerability regarding improper neutralization of special elements used in an OS command ('OS Command Injection') is found in the NTP configuration. This allows remote authenticated users with administrator privileges to execute arbitrary commands...

5.3

CVE-2023-47803

  • EPSS 0.21%
  • Veröffentlicht 28.06.2024 06:15:04
  • Zuletzt bearbeitet 10.04.2025 18:38:20

A vulnerability regarding improper limitation of a pathname to a restricted directory ('Path Traversal') is found in the Language Settings functionality. This allows remote attackers to read specific files containing non-sensitive information via uns...

7.2

CVE-2023-47802

  • EPSS 0.25%
  • Veröffentlicht 28.06.2024 06:15:03
  • Zuletzt bearbeitet 10.04.2025 19:11:39

A vulnerability regarding improper neutralization of special elements used in an OS command ('OS Command Injection') is found in the IP block functionality. This allows remote authenticated users with administrator privileges to execute arbitrary com...

6.5

CVE-2024-5463

  • EPSS 1.64%
  • Veröffentlicht 04.06.2024 10:15:12
  • Zuletzt bearbeitet 04.08.2025 19:09:23

A vulnerability regarding buffer copy without checking the size of input ('Classic Buffer Overflow') has been found in the login component. This allows remote attackers to write specific files containing non-sensitive information and conduct limited ...

9.8

CVE-2023-5746

  • EPSS 5.89%
  • Veröffentlicht 25.10.2023 18:17:44
  • Zuletzt bearbeitet 21.11.2024 08:42:24

A vulnerability regarding use of externally-controlled format string is found in the cgi component. This allows remote attackers to execute arbitrary code via unspecified vectors. The following models with Synology Camera Firmware versions before 1.0...