PT-2025-54252 · Anevia · Anevia Flamingo Xl/Xs
Published
2025-12-30
·
Updated
2026-01-02
·
CVE-2023-53983
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Anevia Flamingo XL/XS version 3.6.20
Description
The software contains a critical issue involving weak default administrative credentials. Attackers can easily guess these credentials to gain full remote system control without complex authentication. No exploit chain is needed to achieve root access.
Recommendations
Change the default administrative credentials immediately.
Exploit
Fix
Using Hardcoded Credentials
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Anevia Flamingo Xl/Xs