CVE-2024-39351

CVSS 3.1 Score 7.2 of 10 (high)

Details

Published Jun 28, 2024

CWE ID 78

Summary

CVE-2024-39351 is a newly discovered vulnerability that affects Synology Camera firmware versions prior to 1.0.7-0298 on NTP configurations. This issue, classified as an OS Command Injection, permits remote authenticated users with administrator privileges to execute arbitrary commands through unspecified vectors. The affected models include the BC500 and TC500. This vulnerability poses a significant threat as it can lead to serious system compromise, emphasizing the importance of updating these models to the latest firmware to mitigate the risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/woTd2k
https://www.cve.org/CVERecord?id=CVE-2024-39351
https://nvd.nist.gov/vuln/detail/CVE-2024-39351

Back to Vulnerability Database

CVE-2024-39351

CVSS 3.1 Score 7.2 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations