Vulnerabilities > CVE-2023-36252 - Unspecified vulnerability in Ateme Flamingo XL Firmware and Flamingo XS Firmware

CVSS 8.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

ateme

NVD

Published: 2023-06-26

Updated: 2023-07-06

Summary

An issue in Ateme Flamingo XL v.3.6.20 and XS v.3.6.5 allows a remote authenticated attacker to execute arbitrary code and cause a denial of service via a the session expiration function.

Vulnerable Configurations

Part	Description	Count
OS	Ateme Ateme Flamingo XL Firmware 3.6.20 Ateme Flamingo XS Firmware 3.6.5	2
Hardware	Ateme Ateme Flamingo XL - Ateme Flamingo XS -	2

References

https://www.zeroscience.mk/en/vulnerabilities/