CVE-2023-47803 - Vulnerability Details - OpenCVE

A vulnerability regarding improper limitation of a pathname to a restricted directory ('Path Traversal') is found in the Language Settings functionality. This allows remote attackers to read specific files containing non-sensitive information via unspecified vectors. The following models with Synology Camera Firmware versions before 1.0.7-0298 may be affected: BC500 and TC500.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Synology	Bc500 Bc500 Firmware Tc500 Tc500 Firmware

Configuration 1 [-]

AND

cpe:2.3:o:synology:bc500_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:synology:bc500:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:synology:tc500_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:synology:tc500:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://www.synology.com/en-global/security/advisory/Synology_SA_23_15

History

Tue, 04 Mar 2025 19:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Synology Synology bc500 Synology bc500 Firmware Synology tc500 Synology tc500 Firmware
CPEs		cpe:2.3:h:synology:bc500:-:::::::* cpe:2.3:h:synology:tc500:-:::::::* cpe:2.3:o:synology:bc500_firmware:::::::: cpe:2.3:o:synology:tc500_firmware::::::::
Vendors & Products		Synology Synology bc500 Synology bc500 Firmware Synology tc500 Synology tc500 Firmware

MITRE

Status: PUBLISHED

Assigner: synology

Published: 2024-06-28T06:03:01.476Z

Updated: 2024-08-02T21:16:43.667Z

Reserved: 2023-11-10T07:59:45.608Z

Link: CVE-2023-47803

Vulnrichment

Updated: 2024-08-02T21:16:43.667Z

NVD

Status : Analyzed

Published: 2024-06-28T06:15:04.833

Modified: 2025-03-04T18:43:40.097

Link: CVE-2023-47803

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-47803", "assignerOrgId": "db201096-a0cc-46c7-9a55-61d9e221bf01", "state": "PUBLISHED", "assignerShortName": "synology", "dateReserved": "2023-11-10T07:59:45.608Z", "datePublished": "2024-06-28T06:03:01.476Z", "dateUpdated": "2024-08-02T21:16:43.667Z"}, "containers": {"cna": {"problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "cweId": "CWE-22", "type": "CWE"}]}], "affected": [{"vendor": "Synology", "product": "Camera Firmware", "versions": [{"version": "1.0", "status": "affected", "lessThan": "1.0.7-0298", "versionType": "semver"}], "defaultStatus": "affected", "platforms": ["BC500", "TC500"]}], "descriptions": [{"lang": "en", "value": "A vulnerability regarding improper limitation of a pathname to a restricted directory ('Path Traversal') is found in the Language Settings functionality. This allows remote attackers to read specific files containing non-sensitive information via unspecified vectors. The following models with Synology Camera Firmware versions before 1.0.7-0298 may be affected: BC500 and TC500."}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "NONE"}}], "references": [{"url": "https://www.synology.com/en-global/security/advisory/Synology_SA_23_15", "name": "Synology-SA-23:15 Synology Camera (PWN2OWN 2023)", "tags": ["vendor-advisory"]}], "credits": [{"lang": "en", "value": "Jaehoon Jang, Wonbeen Im, STEALIEN(https://stealien.com)", "type": "finder"}], "providerMetadata": {"orgId": "db201096-a0cc-46c7-9a55-61d9e221bf01", "shortName": "synology", "dateUpdated": "2024-06-28T06:03:01.476Z"}}, "adp": [{"affected": [{"vendor": "synology", "product": "camera_firmware", "cpes": ["cpe:2.3:a:synology:camera_firmware:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "1.0", "status": "affected", "lessThan": "1.0.7-0298", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-06-28T19:22:09.946385Z", "id": "CVE-2023-47803", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-08T20:35:17.628Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T21:16:43.667Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.synology.com/en-global/security/advisory/Synology_SA_23_15", "name": "Synology-SA-23:15 Synology Camera (PWN2OWN 2023)", "tags": ["vendor-advisory", "x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.synology.com/en-global/security/advisory/Synology_SA_23_15", "name": "Synology-SA-23:15 Synology Camera (PWN2OWN 2023)", "tags": ["vendor-advisory", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T21:16:43.667Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-47803", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-06-28T19:22:09.946385Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:synology:camera_firmware:*:*:*:*:*:*:*:*"], "vendor": "synology", "product": "camera_firmware", "versions": [{"status": "affected", "version": "1.0", "lessThan": "1.0.7-0298", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-05T16:17:35.284Z"}}], "cna": {"credits": [{"lang": "en", "type": "finder", "value": "Jaehoon Jang, Wonbeen Im, STEALIEN(https://stealien.com)"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Synology", "product": "Camera Firmware", "versions": [{"status": "affected", "version": "1.0", "lessThan": "1.0.7-0298", "versionType": "semver"}], "platforms": ["BC500", "TC500"], "defaultStatus": "affected"}], "references": [{"url": "https://www.synology.com/en-global/security/advisory/Synology_SA_23_15", "name": "Synology-SA-23:15 Synology Camera (PWN2OWN 2023)", "tags": ["vendor-advisory"]}], "descriptions": [{"lang": "en", "value": "A vulnerability regarding improper limitation of a pathname to a restricted directory ('Path Traversal') is found in the Language Settings functionality. This allows remote attackers to read specific files containing non-sensitive information via unspecified vectors. The following models with Synology Camera Firmware versions before 1.0.7-0298 may be affected: BC500 and TC500."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-22", "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}], "providerMetadata": {"orgId": "db201096-a0cc-46c7-9a55-61d9e221bf01", "shortName": "synology", "dateUpdated": "2024-06-28T06:03:01.476Z"}}}, "cveMetadata": {"cveId": "CVE-2023-47803", "state": "PUBLISHED", "dateUpdated": "2024-08-02T21:16:43.667Z", "dateReserved": "2023-11-10T07:59:45.608Z", "assignerOrgId": "db201096-a0cc-46c7-9a55-61d9e221bf01", "datePublished": "2024-06-28T06:03:01.476Z", "assignerShortName": "synology"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:synology:bc500_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "11106950-DFD0-441A-8DE3-DA19C15281B1", "versionEndExcluding": "1.0.7-0298", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:synology:bc500:-:*:*:*:*:*:*:*", "matchCriteriaId": "5FD618BD-29BD-4F43-9BEF-F73065247580", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:synology:tc500_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F4DBB838-E652-4C96-AC50-AF07510EF8E5", "versionEndExcluding": "1.0.7-0298", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:synology:tc500:-:*:*:*:*:*:*:*", "matchCriteriaId": "582C2C89-3351-4DC6-B40A-7E2E4CA6AFEA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability regarding improper limitation of a pathname to a restricted directory ('Path Traversal') is found in the Language Settings functionality. This allows remote attackers to read specific files containing non-sensitive information via unspecified vectors. The following models with Synology Camera Firmware versions before 1.0.7-0298 may be affected: BC500 and TC500."}, {"lang": "es", "value": "Se encuentra una vulnerabilidad relacionada con la limitaci\u00f3n inadecuada de un nombre de ruta a un directorio restringido (\"Path Traversal\") en la funcionalidad Configuraci\u00f3n de idioma. Esto permite a atacantes remotos leer archivos espec\u00edficos que contienen informaci\u00f3n no confidencial a trav\u00e9s de vectores no especificados. Los siguientes modelos con versiones de firmware de c\u00e1mara Synology anteriores a 1.0.7-0298 pueden verse afectados: BC500 y TC500."}], "id": "CVE-2023-47803", "lastModified": "2025-03-04T18:43:40.097", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "security@synology.com", "type": "Secondary"}]}, "published": "2024-06-28T06:15:04.833", "references": [{"source": "security@synology.com", "tags": ["Vendor Advisory"], "url": "https://www.synology.com/en-global/security/advisory/Synology_SA_23_15"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.synology.com/en-global/security/advisory/Synology_SA_23_15"}], "sourceIdentifier": "security@synology.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "security@synology.com", "type": "Secondary"}]}