An issue in Ateme Flamingo XL v.3.6.20 and XS v.3.6.5 allows a remote authenticated attacker to execute arbitrary code and cause a denial of service via a the session expiration function.
References
| Link | Resource |
|---|---|
| https://www.zeroscience.mk/en/vulnerabilities/ | Third Party Advisory |
| https://www.zeroscience.mk/en/vulnerabilities/ | Third Party Advisory |
Configurations
History
03 Dec 2024, 19:15
| Type | Values Removed | Values Added |
|---|---|---|
| CWE | CWE-613 |
21 Nov 2024, 08:09
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://www.zeroscience.mk/en/vulnerabilities/ - Third Party Advisory |
06 Jul 2023, 16:07
| Type | Values Removed | Values Added |
|---|---|---|
| References | (MISC) https://www.zeroscience.mk/en/vulnerabilities/ - Third Party Advisory | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
| CWE | NVD-CWE-noinfo | |
| CPE | cpe:2.3:h:ateme:flamingo_xs:-:*:*:*:*:*:*:* cpe:2.3:o:ateme:flamingo_xl_firmware:3.6.20:*:*:*:*:*:*:* cpe:2.3:o:ateme:flamingo_xs_firmware:3.6.5:*:*:*:*:*:*:* cpe:2.3:h:ateme:flamingo_xl:-:*:*:*:*:*:*:* |
26 Jun 2023, 22:13
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-06-26 19:15
Updated : 2024-12-03 19:15
NVD link : CVE-2023-36252
Mitre link : CVE-2023-36252
CVE.ORG link : CVE-2023-36252
JSON object : View
Products Affected
ateme
- flamingo_xl
- flamingo_xl_firmware
- flamingo_xs
- flamingo_xs_firmware
CWE