Synology

Tc500 Firmware

8 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2024-39350

  • EPSS 0.05%
  • Published 28.06.2024 07:15:06
  • Last modified 21.11.2024 09:27:31

A vulnerability regarding authentication bypass by spoofing is found in the RTSP functionality. This allows man-in-the-middle attackers to obtain privileges without consent via unspecified vectors. The following models with Synology Camera Firmware v...

4.9

CVE-2024-39352

  • EPSS 0.07%
  • Published 28.06.2024 06:15:06
  • Last modified 10.04.2025 18:14:54

A vulnerability regarding incorrect authorization is found in the firmware upgrade functionality. This allows remote authenticated users with administrator privileges to bypass firmware integrity check via unspecified vectors. The following models wi...

9.8

CVE-2024-39349

  • EPSS 6.41%
  • Published 28.06.2024 06:15:05
  • Last modified 10.04.2025 19:03:39

A vulnerability regarding buffer copy without checking size of input ('Classic Buffer Overflow') is found in the libjansson component and it does not affect the upstream library. This allows remote attackers to execute arbitrary code via unspecified ...

7.2

CVE-2024-39351

  • EPSS 0.66%
  • Published 28.06.2024 06:15:05
  • Last modified 10.04.2025 18:38:11

A vulnerability regarding improper neutralization of special elements used in an OS command ('OS Command Injection') is found in the NTP configuration. This allows remote authenticated users with administrator privileges to execute arbitrary commands...

5.3

CVE-2023-47803

  • EPSS 0.21%
  • Published 28.06.2024 06:15:04
  • Last modified 10.04.2025 18:38:20

A vulnerability regarding improper limitation of a pathname to a restricted directory ('Path Traversal') is found in the Language Settings functionality. This allows remote attackers to read specific files containing non-sensitive information via uns...

7.2

CVE-2023-47802

  • EPSS 0.25%
  • Published 28.06.2024 06:15:03
  • Last modified 10.04.2025 19:11:39

A vulnerability regarding improper neutralization of special elements used in an OS command ('OS Command Injection') is found in the IP block functionality. This allows remote authenticated users with administrator privileges to execute arbitrary com...

6.5

CVE-2024-5463

  • EPSS 1.64%
  • Published 04.06.2024 10:15:12
  • Last modified 04.08.2025 19:09:23

A vulnerability regarding buffer copy without checking the size of input ('Classic Buffer Overflow') has been found in the login component. This allows remote attackers to write specific files containing non-sensitive information and conduct limited ...

9.8

CVE-2023-5746

  • EPSS 5.89%
  • Published 25.10.2023 18:17:44
  • Last modified 21.11.2024 08:42:24

A vulnerability regarding use of externally-controlled format string is found in the cgi component. This allows remote attackers to execute arbitrary code via unspecified vectors. The following models with Synology Camera Firmware versions before 1.0...