N/A

A vulnerability regarding authentication bypass by spoofing is found in the RTSP functionality. This allows man-in-the-middle attackers to obtain privileges without consent via unspecified vectors. The following models with Synology Camera Firmware versions before 1.0.7-0298 may be affected: BC500 and TC500.

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

使用欺骗进行的认证绕过

Synology Camera Firmware 安全漏洞

Synology Camera Firmware是中国群晖科技（Synology）公司的一个网络摄像头的固件。 Synology Camera BC500 1.0.7-0298之前版本和TC500 1.0.7-0298之前版本存在安全漏洞，该漏洞源于存在欺骗绕过身份验证，允许中间人攻击者通过未指定的向量在未经同意的情况下获取权限。

N/A

N/A