Incorrect Authorization Vulnerability in Synology Surveillance Station
CVE-2023-52944

Currently unrated

Key Information:

Vendor: Synology
Vendor: CVE Published:; 4 December 2024

Summary

An incorrect authorization vulnerability exists in the ActionRule webapi component of Synology Surveillance Station, allowing remote authenticated users to perform limited actions on the action rules function. This flaw could potentially lead to unauthorized modifications or interactions with security settings, impacting the overall integrity and security of the surveillance environment. Users are advised to update to the latest version to mitigate any associated risks.

References

https://www.synology.com/en-global/security/advisory/Syno...

Timeline

Vulnerability published
Dec 4, 2024

Collectors

NVD Database