Skip to main content

Tc500 Firmware

7 CVEs product

Monthly

CVE-2024-11131 CRITICAL This Week

A vulnerability regarding out-of-bounds read is found in the video interface. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure RCE Buffer Overflow Synology Tc500 Firmware +2
NVD
CVSS 3.1
9.8
EPSS
0.6%
CVE-2024-39350 HIGH This Week

A vulnerability regarding authentication bypass by spoofing is found in the RTSP functionality. Rated high severity (CVSS 7.5), this vulnerability is no authentication required. No vendor patch available.

Authentication Bypass Synology Tc500 Firmware Bc500 Firmware
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2024-39352 MEDIUM This Month

A vulnerability regarding incorrect authorization is found in the firmware upgrade functionality. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Synology Bc500 Firmware Tc500 Firmware
NVD
CVSS 3.1
4.9
EPSS
0.9%
CVE-2024-39351 HIGH This Week

A vulnerability regarding improper neutralization of special elements used in an OS command ('OS Command Injection') is found in the NTP configuration. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Synology Bc500 Firmware Tc500 Firmware
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2024-39349 CRITICAL Act Now

A vulnerability regarding buffer copy without checking size of input ('Classic Buffer Overflow') is found in the libjansson component and it does not affect the upstream library. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Synology Bc500 Firmware Tc500 Firmware
NVD
CVSS 3.1
9.8
EPSS
1.4%
CVE-2024-5463 MEDIUM This Month

A vulnerability regarding buffer copy without checking the size of input ('Classic Buffer Overflow') has been found in the login component. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Synology Bc500 Firmware Tc500 Firmware
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2023-5746 CRITICAL Act Now

A vulnerability regarding use of externally-controlled format string is found in the cgi component. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Synology Bc500 Firmware Tc500 Firmware
NVD
CVSS 3.1
9.8
EPSS
1.7%
EPSS 1% CVSS 9.8
CRITICAL This Week

A vulnerability regarding out-of-bounds read is found in the video interface. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure RCE Buffer Overflow +4
NVD
EPSS 1% CVSS 7.5
HIGH This Week

A vulnerability regarding authentication bypass by spoofing is found in the RTSP functionality. Rated high severity (CVSS 7.5), this vulnerability is no authentication required. No vendor patch available.

Authentication Bypass Synology Tc500 Firmware +1
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

A vulnerability regarding incorrect authorization is found in the firmware upgrade functionality. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Synology Bc500 Firmware +1
NVD
EPSS 2% CVSS 7.2
HIGH This Week

A vulnerability regarding improper neutralization of special elements used in an OS command ('OS Command Injection') is found in the NTP configuration. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Synology Bc500 Firmware +1
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

A vulnerability regarding buffer copy without checking size of input ('Classic Buffer Overflow') is found in the libjansson component and it does not affect the upstream library. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Synology +2
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

A vulnerability regarding buffer copy without checking the size of input ('Classic Buffer Overflow') has been found in the login component. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Synology Bc500 Firmware +1
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

A vulnerability regarding use of externally-controlled format string is found in the cgi component. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Synology Bc500 Firmware +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy