CVE-2023-47803 Information

Description

A vulnerability regarding improper limitation of a pathname to a restricted directory (‘Path Traversal’) is found in the Language Settings functionality. This allows remote attackers to read specific files containing non-sensitive information via unspecified vectors. The following models with Synology Camera Firmware versions before 1.0.7-0298 may be affected: BC500 and TC500.

Reference

https://www.synology.com/en-global/security/advisory/Synology_SA_23_15