A vulnerability regarding out-of-bounds read is found in the video interface. This allows remote attackers to execute arbitrary code via unspecified vectors. The following models with Synology Camera Firmware versions before 1.2.0-0525 may be affected: BC500, CC400W and TC500.
An out-of-bounds read error (CWE-125) occurs in the video interface of Synology camera firmware. An attacker can remotely send specially crafted requests via unspecified vectors through the network, which leads to reading data outside the allocated memory buffer. Improper processing of this data can subsequently be exploited to execute arbitrary code on the device.
Successful exploitation of this vulnerability allows an unauthenticated attacker to remotely execute arbitrary code (RCE) on the vulnerable camera, which may result in complete takeover of the device, breach of confidentiality, integrity, and availability of the system.
Update Synology Camera Firmware to version 1.2.0-0525 or later. Detailed information and update files are available in the official Synology security bulletin: https://www.synology.com/en-global/security/advisory/Synology_SA_24_24
Synology cameras BC500, CC400W, and TC500 with Synology Camera Firmware version earlier than 1.2.0-0525.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HSynology Bc500
HWSynologywszystkie wersjeSynology Bc500 Firmware
OSSynology< 1.2.0-0525Synology Cc400w
HWSynologywszystkie wersjeSynology Cc400w Firmware
OSSynology< 1.2.0-0525Synology Tc500
HWSynologywszystkie wersjeSynology Tc500 Firmware
OSSynology< 1.2.0-0525
Related vulnerabilities
Buffer Overflow w firmware kamer Synology BC500/TC500 umożliwia RCE
A vulnerability regarding use of externally-controlled format string is found in the cgi component. This allow...
A vulnerability regarding improper neutralization of special elements used in an OS command ('OS Command Injec...
A vulnerability regarding authentication bypass by spoofing is found in the RTSP functionality. This allows ma...
A vulnerability regarding improper neutralization of special elements used in an OS command ('OS Command Injec...