Browse all 3 CVE security advisories affecting Exadel. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Exadel develops enterprise software solutions with a focus on application development and digital transformation platforms. Historically, their products have been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from improper input validation and access control flaws. While no major public security incidents have been widely documented, the three CVEs on record highlight persistent weaknesses in authentication mechanisms and insecure default configurations. Security researchers have noted that their frameworks occasionally require immediate patching due to critical flaws that could allow unauthorized system access or data compromise.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2017-3201 | Flamingo amf-serializer by Exadel, version 2.2.0, Action Message Format (AMF3) Java implementation is vulnerable to insecure deserialization — Flamingo amf-serializer, CWE-502 | 8.1 | - | 2018-06-11 |
| CVE-2017-3202 | The implementation of Action Message Format (AMF3) deserializers in Flamingo amf-serializer by Exadel, version 2.2.0, may allow instantiation of arbitrary classes due to improper code control — Flamingo amf-serializer, CWE-913 | 9.8 | - | 2018-06-11 |
| CVE-2017-3206 | The Action Message Format (AMF3) deserializers used by Flamingo amf-serializer by Exadel, version 2.2.0, allows external entity references (XXEs) from XML documents embedded within AMF3 messages — Flamingo amf-serializer, CWE-611 | 9.8 | - | 2018-06-11 |

This page lists every published CVE security advisory associated with Exadel. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.