CVSS 3.1 Score 7.5 of 10 (high)


Published Jun 28, 2024
CWE ID 290


CVE-2024-39350 is a vulnerability related to authentication bypass by spoofing in the RTSP functionality. This vulnerability allows man-in-the-middle attackers to gain unauthorized privileges through unspecified vectors. The affected products include Synology Camera Firmware versions before 1.0.7-0298 on the BC500 and TC500 models. The potential danger of this vulnerability is rated as high, with a base severity score of 7.5 out of 10. To remediate this issue, it is recommended to update the camera firmware to version 1.0.7-0298 or later.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.


Prioritize, Pinpoint, and Act to Prevent Vulnerability Exploits with Recorded Future

Note: This is just a basic overview providing quick insights into CVE-2024-39350 information. Gain full access to comprehensive CVE data, third party vulnerabilities, compromised credentials and more with Recorded Future
  • Gain complete coverage of your cyber, third party, and physical attack surface
  • Proactively mitigate threats before they turn into costly attacks
  • Make fast, effective, data-driven decisions