CVE-2020-12729

MagicMotion Flamingo 2 has a lack of access control for reading from device descriptors...

CVE-2020-12730

MagicMotion Flamingo 2 lacks BLE encryption, enabling data sniffing and packet forgery...

EUVD-2023-60534

Anevia Flamingo XL/XS 3.6.20 contains a critical vulnerability with weak default administrative credentials that can be easily guessed. Attackers can leverage these hard-coded credentials to gain full remote system control without complex authentication mechanisms...

EUVD-2024-55370

Anevia Flamingo XL 3.2.9 contains a restricted shell vulnerability that allows remote attackers to escape the sandboxed environment through the traceroute command. Attackers can exploit the traceroute command to inject shell commands and gain full root access to the device by bypassing the...

CVE-2024-58338

Anevia Flamingo XL 3.2.9 contains a restricted shell vulnerability that allows remote attackers to escape the sandboxed environment through the traceroute command. Attackers can exploit the traceroute command to inject shell commands and gain full root access to the device by bypassing the...

CVE-2024-58338

Anevia Flamingo XL 3.2.9 contains a restricted shell vulnerability that allows remote attackers to escape the sandboxed environment through the traceroute command. Attackers can exploit the traceroute command to inject shell commands and gain full root access to the device by bypassing the...

CVE-2023-53983

Anevia Flamingo XL/XS 3.6.20 contains a critical vulnerability with weak default administrative credentials that can be easily guessed. Attackers can leverage these hard-coded credentials to gain full remote system control without complex authentication mechanisms...

CVE-2023-53983

Anevia Flamingo XL/XS 3.6.20 contains a critical vulnerability with weak default administrative credentials that can be easily guessed. Attackers can leverage these hard-coded credentials to gain full remote system control without complex authentication mechanisms...

CVE-2024-58338

Anevia Flamingo XL 3.2.9 is affected by a restricted shell escape via the traceroute command. The underlying issue allows remote attackers to bypass the sandboxed login environment and inject shell commands, gaining full root access to the device. Documented impact includes full control and poten...

CVE-2024-58338 Anevia Flamingo XL 3.2.9 Remote Root Jailbreak via Traceroute Command

Anevia Flamingo XL 3.2.9 contains a restricted shell vulnerability that allows remote attackers to escape the sandboxed environment through the traceroute command. Attackers can exploit the traceroute command to inject shell commands and gain full root access to the device by bypassing the...

CVE-2024-58338 Anevia Flamingo XL 3.2.9 Remote Root Jailbreak via Traceroute Command

Anevia Flamingo XL 3.2.9 contains a restricted shell vulnerability that allows remote attackers to escape the sandboxed environment through the traceroute command. Attackers can exploit the traceroute command to inject shell commands and gain full root access to the device by bypassing the...

CVE-2023-53983 Anevia Flamingo XL/XS 3.6.20 Default Credentials Authentication Bypass

Anevia Flamingo XL/XS 3.6.20 contains a critical vulnerability with weak default administrative credentials that can be easily guessed. Attackers can leverage these hard-coded credentials to gain full remote system control without complex authentication mechanisms...

CVE-2023-53983

CVE-2023-53983 affects Anevia Flamingo XL/XS 3.6.20. The provided documents describe a critical vulnerability due to weak default administrative credentials that can be guessed, allowing attackers to gain full remote system control without complex authentication. No explicit remediation (patch/ve...

CVE-2023-53983 Anevia Flamingo XL/XS 3.6.20 Default Credentials Authentication Bypass

Anevia Flamingo XL/XS 3.6.20 contains a critical vulnerability with weak default administrative credentials that can be easily guessed. Attackers can leverage these hard-coded credentials to gain full remote system control without complex authentication mechanisms...

Ateme Flamingo XL 安全漏洞

Ateme Flamingo XL is an application from Ateme, Inc. A security vulnerability exists in Ateme Flamingo XL version 3.2.9, which stems from a restricted shell escape and could lead to the execution of arbitrary commands...

PT-2025-54252

Name of the Vulnerable Software and Affected Versions Anevia Flamingo XL/XS version 3.6.20 Description The software contains a critical issue involving weak default administrative credentials. Attackers can easily guess these credentials to gain full remote system control without complex...

Ateme Flamingo XL 信任管理问题漏洞

Ateme Flamingo XL is an application from Ateme, Inc. Ateme Flamingo XL version 3.6.20 suffers from a Trust Management Issue vulnerability that stems from the use of weak default management credentials, which could lead to remote system control...

CVE-2025-66472

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Versions 6.2-milestone-1 through 16.10.9 and 17.0.0-rc-1 through 17.4.1 of both XWiki Platform Flamingo Skin Resources and XWiki Platform Web Templates are vulnerable to a reflected XSS attack...

CVE-2025-66472

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Versions 6.2-milestone-1 through 16.10.9 and 17.0.0-rc-1 through 17.4.1 of both XWiki Platform Flamingo Skin Resources and XWiki Platform Web Templates are vulnerable to a reflected XSS attack...

CVE-2025-66472 XWiki vulnerable to a reflected XSS via xredirect parameter in DeleteApplication

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Versions 6.2-milestone-1 through 16.10.9 and 17.0.0-rc-1 through 17.4.1 of both XWiki Platform Flamingo Skin Resources and XWiki Platform Web Templates are vulnerable to a reflected XSS attack...