Unrated severityNVD Advisory· Published Dec 30, 2025· Updated Mar 5, 2026

Anevia Flamingo XL 3.2.9 Remote Root Jailbreak via Traceroute Command

CVE-2024-58338

Description

Anevia Flamingo XL 3.2.9 contains a restricted shell vulnerability that allows remote attackers to escape the sandboxed environment through the traceroute command. Attackers can exploit the traceroute command to inject shell commands and gain full root access to the device by bypassing the restricted login environment.

Affected products

Ateme/Flamingo Xlv5
Range: 3.2.9

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.exploit-db.com/exploits/51516mitreexploit
www.vulncheck.com/advisories/anevia-flamingo-xl-remote-root-jailbreak-via-traceroute-commandmitrethird-party-advisory
www.zeroscience.mk/en/vulnerabilities/ZSL-2023-5780.phpmitrethird-party-advisory
www.ateme.commitreproduct

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000