CVE-2023-47803: A vulnerability regarding improper limitation of a pathname to a restricted directory ('Path Traversal') is found in the
mediumvulnerability
security
Summary
CVE-2023-47803 is a path traversal vulnerability (a flaw where attackers bypass directory restrictions to access files they shouldn't) found in the Language Settings feature of certain Synology camera models. The vulnerability allows remote attackers to read non-sensitive files through unspecified methods, affecting BC500 and TC500 camera models running firmware versions before 1.0.7-0298.
Solution / Mitigation
Update Synology Camera Firmware to version 1.0.7-0298 or later for affected BC500 and TC500 models.
Vulnerability Details
CVSS Score
5.3(medium)
EPSS (30-day exploit probability)
EPSS: 0.3%
Classification
Attack SophisticationModerate
Original source: https://nvd.nist.gov/vuln/detail/CVE-2023-47803
First tracked: February 15, 2026 at 08:53 PM
Classified by LLM (prompt v3) · confidence: 95%