CVE Record: CVE-2024-11131

alert

Notice: Keyword searching of CVE Records is now available in the search box above. Keywords may include a CVE ID (e.g., CVE-2024-1234), or one or more keywords separated by a space (e.g., authorization, SQL Injection, cross site scripting, etc.). Learn more here.

alert

Notice: Keyword searching of CVE Records is now available in the search box above. Keywords may include a CVE ID (e.g., CVE-2024-1234), or one or more keywords separated by a space (e.g., authorization, SQL Injection, cross site scripting, etc.). Learn more here.

Expand or collapse notification button

Required CVE Record Information

Description

A vulnerability regarding out-of-bounds read is found in the video interface. This allows remote attackers to execute arbitrary code via unspecified vectors. The following models with Synology Camera Firmware versions before 1.2.0-0525 may be affected: BC500, CC400W and TC500.

CWE 1 Total

CWE-125: Out-of-bounds Read

CVSS 1 Total

Product Status

Versions 1 Total

Default Status: affected

affected

Credits

Viettel Cyber Security (@vcslab) finder

References 1 Total

synology.com: Synology-SA-24:24 Synology Camera (PWN2OWN 2024)
external site
vendor-advisory

Authorized Data Publishers