CVE-2023-47802 - Vulnerability Details - OpenCVE

A vulnerability regarding improper neutralization of special elements used in an OS command ('OS Command Injection') is found in the IP block functionality. This allows remote authenticated users with administrator privileges to execute arbitrary commands via unspecified vectors. The following models with Synology Camera Firmware versions before 1.0.7-0298 may be affected: BC500 and TC500.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Synology	Bc500 Bc500 Firmware Tc500 Tc500 Firmware

Configuration 1 [-]

AND

cpe:2.3:o:synology:bc500_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:synology:bc500:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:synology:tc500_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:synology:tc500:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://www.synology.com/en-global/security/advisory/Synology_SA_23_15

History

Tue, 04 Mar 2025 19:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Synology Synology bc500 Synology bc500 Firmware Synology tc500 Synology tc500 Firmware
CPEs		cpe:2.3:h:synology:bc500:-:::::::* cpe:2.3:h:synology:tc500:-:::::::* cpe:2.3:o:synology:bc500_firmware:::::::: cpe:2.3:o:synology:tc500_firmware::::::::
Vendors & Products		Synology Synology bc500 Synology bc500 Firmware Synology tc500 Synology tc500 Firmware

MITRE

Status: PUBLISHED

Assigner: synology

Published: 2024-06-28T06:01:58.733Z

Updated: 2024-08-02T21:16:43.691Z

Reserved: 2023-11-10T07:59:45.608Z

Link: CVE-2023-47802

Vulnrichment

Updated: 2024-08-02T21:16:43.691Z

NVD

Status : Analyzed

Published: 2024-06-28T06:15:03.220

Modified: 2025-04-10T19:11:39.490

Link: CVE-2023-47802

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-47802", "assignerOrgId": "db201096-a0cc-46c7-9a55-61d9e221bf01", "state": "PUBLISHED", "assignerShortName": "synology", "dateReserved": "2023-11-10T07:59:45.608Z", "datePublished": "2024-06-28T06:01:58.733Z", "dateUpdated": "2024-08-02T21:16:43.691Z"}, "containers": {"cna": {"problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", "cweId": "CWE-78", "type": "CWE"}]}], "affected": [{"vendor": "Synology", "product": "Camera Firmware", "versions": [{"version": "1.0", "status": "affected", "lessThan": "1.0.7-0298", "versionType": "semver"}], "defaultStatus": "affected", "platforms": ["BC500", "TC500"]}], "descriptions": [{"lang": "en", "value": "A vulnerability regarding improper neutralization of special elements used in an OS command ('OS Command Injection') is found in the IP block functionality. This allows remote authenticated users with administrator privileges to execute arbitrary commands via unspecified vectors. The following models with Synology Camera Firmware versions before 1.0.7-0298 may be affected: BC500 and TC500."}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "baseScore": 7.2, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}}], "references": [{"url": "https://www.synology.com/en-global/security/advisory/Synology_SA_23_15", "name": "Synology-SA-23:15 Synology Camera (PWN2OWN 2023)", "tags": ["vendor-advisory"]}], "credits": [{"lang": "en", "value": "Jaehoon Jang, Wonbeen Im, STEALIEN(https://stealien.com)", "type": "finder"}], "providerMetadata": {"orgId": "db201096-a0cc-46c7-9a55-61d9e221bf01", "shortName": "synology", "dateUpdated": "2024-06-28T06:01:58.733Z"}}, "adp": [{"affected": [{"vendor": "synology", "product": "camera_firmware", "cpes": ["cpe:2.3:a:synology:camera_firmware:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "1.0", "status": "affected", "lessThan": "1.0.7-0298", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-06-28T19:15:52.993070Z", "id": "CVE-2023-47802", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-30T17:25:07.479Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T21:16:43.691Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.synology.com/en-global/security/advisory/Synology_SA_23_15", "name": "Synology-SA-23:15 Synology Camera (PWN2OWN 2023)", "tags": ["vendor-advisory", "x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.synology.com/en-global/security/advisory/Synology_SA_23_15", "name": "Synology-SA-23:15 Synology Camera (PWN2OWN 2023)", "tags": ["vendor-advisory", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T21:16:43.691Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-47802", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-06-28T19:15:52.993070Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:synology:camera_firmware:*:*:*:*:*:*:*:*"], "vendor": "synology", "product": "camera_firmware", "versions": [{"status": "affected", "version": "1.0", "lessThan": "1.0.7-0298", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-05T16:19:26.689Z"}}], "cna": {"credits": [{"lang": "en", "type": "finder", "value": "Jaehoon Jang, Wonbeen Im, STEALIEN(https://stealien.com)"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Synology", "product": "Camera Firmware", "versions": [{"status": "affected", "version": "1.0", "lessThan": "1.0.7-0298", "versionType": "semver"}], "platforms": ["BC500", "TC500"], "defaultStatus": "affected"}], "references": [{"url": "https://www.synology.com/en-global/security/advisory/Synology_SA_23_15", "name": "Synology-SA-23:15 Synology Camera (PWN2OWN 2023)", "tags": ["vendor-advisory"]}], "descriptions": [{"lang": "en", "value": "A vulnerability regarding improper neutralization of special elements used in an OS command ('OS Command Injection') is found in the IP block functionality. This allows remote authenticated users with administrator privileges to execute arbitrary commands via unspecified vectors. The following models with Synology Camera Firmware versions before 1.0.7-0298 may be affected: BC500 and TC500."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-78", "description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')"}]}], "providerMetadata": {"orgId": "db201096-a0cc-46c7-9a55-61d9e221bf01", "shortName": "synology", "dateUpdated": "2024-06-28T06:01:58.733Z"}}}, "cveMetadata": {"cveId": "CVE-2023-47802", "state": "PUBLISHED", "dateUpdated": "2024-08-02T21:16:43.691Z", "dateReserved": "2023-11-10T07:59:45.608Z", "assignerOrgId": "db201096-a0cc-46c7-9a55-61d9e221bf01", "datePublished": "2024-06-28T06:01:58.733Z", "assignerShortName": "synology"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:synology:bc500_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "11106950-DFD0-441A-8DE3-DA19C15281B1", "versionEndExcluding": "1.0.7-0298", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:synology:bc500:-:*:*:*:*:*:*:*", "matchCriteriaId": "5FD618BD-29BD-4F43-9BEF-F73065247580", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:synology:tc500_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F4DBB838-E652-4C96-AC50-AF07510EF8E5", "versionEndExcluding": "1.0.7-0298", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:synology:tc500:-:*:*:*:*:*:*:*", "matchCriteriaId": "582C2C89-3351-4DC6-B40A-7E2E4CA6AFEA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability regarding improper neutralization of special elements used in an OS command ('OS Command Injection') is found in the IP block functionality. This allows remote authenticated users with administrator privileges to execute arbitrary commands via unspecified vectors. The following models with Synology Camera Firmware versions before 1.0.7-0298 may be affected: BC500 and TC500."}, {"lang": "es", "value": "Una vulnerabilidad relacionada con la neutralizaci\u00f3n inadecuada de elementos especiales utilizados en un comando del sistema operativo ('Inyecci\u00f3n de comando del sistema operativo') se encuentra en la funcionalidad de bloqueo de IP. Esto permite a usuarios remotos autenticados con privilegios de administrador ejecutar comandos arbitrarios a trav\u00e9s de vectores no especificados. Los siguientes modelos con versiones de firmware de c\u00e1mara Synology anteriores a 1.0.7-0298 pueden verse afectados: BC500 y TC500."}], "id": "CVE-2023-47802", "lastModified": "2025-04-10T19:11:39.490", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "security@synology.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-06-28T06:15:03.220", "references": [{"source": "security@synology.com", "tags": ["Vendor Advisory"], "url": "https://www.synology.com/en-global/security/advisory/Synology_SA_23_15"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.synology.com/en-global/security/advisory/Synology_SA_23_15"}], "sourceIdentifier": "security@synology.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "security@synology.com", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-78"}], "source": "nvd@nist.gov", "type": "Primary"}]}