Vulnerability Details CVE-2024-5463
A vulnerability regarding buffer copy without checking the size of input ('Classic Buffer Overflow') has been found in the login component. This allows remote attackers to write specific files containing non-sensitive information and conduct limited denial-of-service attacks via unspecified vectors. This attack only affects the login service which will automatically restart. The following models with Synology Camera Firmware versions before 1.1.1-0383 may be affected: BC500 and TC500.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.016
EPSS Ranking 81.4%
CVSS Severity
CVSS v3 Score 6.5
References
Products affected by CVE-2024-5463
-
cpe:2.3:h:synology:bc500:-
-
cpe:2.3:h:synology:tc500:-
-
cpe:2.3:o:synology:bc500_firmware:-
-
cpe:2.3:o:synology:bc500_firmware:1.0.4-0182
-
cpe:2.3:o:synology:bc500_firmware:1.0.5-0185
-
cpe:2.3:o:synology:bc500_firmware:1.0.6-0290
-
cpe:2.3:o:synology:bc500_firmware:1.0.6-0294
-
cpe:2.3:o:synology:bc500_firmware:1.0.7-0298
-
cpe:2.3:o:synology:bc500_firmware:1.1.0-0320
-
cpe:2.3:o:synology:tc500_firmware:-
-
cpe:2.3:o:synology:tc500_firmware:1.0.2-0142
-
cpe:2.3:o:synology:tc500_firmware:1.0.4-0182
-
cpe:2.3:o:synology:tc500_firmware:1.0.5-0185
-
cpe:2.3:o:synology:tc500_firmware:1.0.6-0290
-
cpe:2.3:o:synology:tc500_firmware:1.0.6-0294
-
cpe:2.3:o:synology:tc500_firmware:1.0.7-0298
-
cpe:2.3:o:synology:tc500_firmware:1.1.0-0320