GCVE - cpe:2.3:h:ateme:flamingo_xl:-:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:h:ateme:flamingo_xl:-:*:*:*:*:*:*:*

part: h version: - update: *

Vendor	Ateme (`6cb0dc4b-9f1a-57c2-8f87-40ebc4f8b346`)
Product	Flamingo Xl (`0c792d9a-a7c1-5069-ae0e-ba784b63d01d`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2024-58338`	not_vulnerable	2026-06-08 06:56:14.476663	Anevia Flamingo XL 3.2.9 Remote Root Jailbreak via Traceroute Command CRITICAL (10) Anevia Flamingo XL 3.2.9 contains a restricted shell vulnerability that allows remote attackers to escape the sandboxed environment through the traceroute command. Attackers can exploit the traceroute command to inject shell commands and gain full root access to the device by bypassing the restricted login environment. Published: 2025-12-30T22:41:45.411Z Updated: 2026-03-05T12:03:44.307Z Open on db.gcve.eu Reference links https://www.exploit-db.com/exploits/51516 https://www.ateme.com https://www.zeroscience.mk/en/vulnerabilities/ZSL-2023-5780.php https://www.vulncheck.com/advisories/anevia-flamingo-xl-remote-root-jailbreak-via-traceroute-command	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-58338`	vulnerable	2026-06-08 06:56:14.476531	Anevia Flamingo XL 3.2.9 Remote Root Jailbreak via Traceroute Command CRITICAL (10) Anevia Flamingo XL 3.2.9 contains a restricted shell vulnerability that allows remote attackers to escape the sandboxed environment through the traceroute command. Attackers can exploit the traceroute command to inject shell commands and gain full root access to the device by bypassing the restricted login environment. Published: 2025-12-30T22:41:45.411Z Updated: 2026-03-05T12:03:44.307Z Open on db.gcve.eu Reference links https://www.exploit-db.com/exploits/51516 https://www.ateme.com https://www.zeroscience.mk/en/vulnerabilities/ZSL-2023-5780.php https://www.vulncheck.com/advisories/anevia-flamingo-xl-remote-root-jailbreak-via-traceroute-command	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-36252`	not_vulnerable	2026-06-08 06:06:28.671174	Details available An issue in Ateme Flamingo XL v.3.6.20 and XS v.3.6.5 allows a remote authenticated attacker to execute arbitrary code and cause a denial of service via a the session expiration function. Published: 2023-06-26T00:00:00.000Z Updated: 2024-12-03T18:55:40.283Z Open on db.gcve.eu Reference links https://www.zeroscience.mk/en/vulnerabilities/	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.