A vulnerability regarding use of externally-controlled format string is found in the cgi component. This allows remote attackers to execute arbitrary code via unspecified vectors. The following models with Synology Camera Firmware versions before 1.0.5-0185 may be affected: BC500 and TC500.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HSynology Bc500
HWSynologywszystkie wersjeSynology Bc500 Firmware
OSSynology< 1.0.5-0185Synology Tc500
HWSynologywszystkie wersjeSynology Tc500 Firmware
OSSynology< 1.0.5-0185
Related vulnerabilities
Out-of-bounds read w firmware kamer Synology umożliwia RCE
Buffer Overflow w firmware kamer Synology BC500/TC500 umożliwia RCE
A vulnerability regarding improper neutralization of special elements used in an OS command ('OS Command Injec...
A vulnerability regarding authentication bypass by spoofing is found in the RTSP functionality. This allows ma...
A vulnerability regarding improper neutralization of special elements used in an OS command ('OS Command Injec...