
CVE-2024-49762 – Pterodactyl Panel has plain-text logging of user passwords when two-factor authentication is disabled
https://notcve.org/view.php?id=CVE-2024-49762
24 Oct 2024 — Pterodactyl is a free, open-source game server management panel. When a user disables two-factor authentication via the Panel, a `DELETE` request with their current password in a query parameter will be sent. While query parameters are encrypted when using TLS, many webservers (including ones officially documented for use with Pterodactyl) will log query parameters in plain-text, storing a user's password in plain text. Prior to version 1.11.8, if a malicious user obtains access to these logs they could pot... • https://github.com/pterodactyl/panel/commit/75b59080e2812ced677dab516222b2a3bb34e3a4 • CWE-313: Cleartext Storage in a File or on Disk •

CVE-2024-34066 – Arbitrary File Write/Read in Pterodactyl wings
https://notcve.org/view.php?id=CVE-2024-34066
03 May 2024 — Pterodactyl wings is the server control plane for Pterodactyl Panel. If the Wings token is leaked either by viewing the node configuration or posting it accidentally somewhere, an attacker can use it to gain arbitrary file write and read access on the node the token is associated to. This issue has been addressed in version 1.11.12 and users are advised to upgrade. Users unable to upgrade may enable the `ignore_panel_config_updates` option as a workaround. • https://github.com/pterodactyl/wings/commit/5415f8ae07f533623bd8169836dd7e0b933964de • CWE-552: Files or Directories Accessible to External Parties •

CVE-2024-34067 – Multiple cross site scripting (XSS) vulnerabilities in the admin area of Pterodactyl panel
https://notcve.org/view.php?id=CVE-2024-34067
03 May 2024 — Pterodactyl is a free, open-source game server management panel built with PHP, React, and Go. Importing a malicious egg or gaining access to a Wings instance could lead to cross site scripting (XSS) on the panel, which could be used to gain an administrator account on the panel. Specifically, the following things are impacted: Egg Docker images and Egg variables: Name, Environment variable, Default value, Description, Validation rules. Additionally, certain fields would reflect malicious input, but it would ... • https://github.com/pterodactyl/panel/commit/0dad4c5a488661f9adc27dd311542516d9bfa0f2 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVE-2024-34068 – Server-side Request Forgery during remote file pull in Pterodactyl wings
https://notcve.org/view.php?id=CVE-2024-34068
03 May 2024 — Pterodactyl wings is the server control plane for Pterodactyl Panel. An authenticated user who has access to a game server is able to bypass the previously implemented access control (GHSA-6rg3-8h8x-5xfv) that prevents accessing internal endpoints of the node hosting Wings in the pull endpoint. This would allow malicious users to potentially access resources on local networks that would otherwise be inaccessible. This issue has been addressed in version 1.11.2 and users are advised to upgrade. Users unable ... • https://github.com/pterodactyl/wings/commit/c152e36101aba45d8868a9a0eeb890995e8934b8 • CWE-284: Improper Access Control CWE-441: Unintended Proxy or Intermediary ('Confused Deputy') •

CVE-2024-27102 – Improper isolation of server file access in github.com/pterodactyl/wings
https://notcve.org/view.php?id=CVE-2024-27102
13 Mar 2024 — Wings is the server control plane for Pterodactyl Panel. This vulnerability impacts anyone running the affected versions of Wings. The vulnerability can potentially be used to access files and directories on the host system. The full scope of impact is not exactly known, but reading files outside of a server's base directory (sandbox root) is possible. In order to use this exploit, an attacker must have an existing "server" allocated and controlled by Wings. • https://github.com/pterodactyl/wings/commit/d1c0ca526007113a0f74f56eba99511b4e989287 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-363: Race Condition Enabling Link Following •

CVE-2023-32080 – Wings vulnerable to escape to host from installation container
https://notcve.org/view.php?id=CVE-2023-32080
10 May 2023 — Wings is the server control plane for Pterodactyl Panel. A vulnerability affecting versions prior to 1.7.5 and versions 1.11.0 prior to 1.11.6 impacts anyone running the affected versions of Wings. This vulnerability can be used to gain access to the host system running Wings if a user is able to modify a server's install script or the install script executes code supplied by the user (either through environment variables, or commands that execute commands based on user data). This vulnerability has be... • https://github.com/pterodactyl/wings/releases/tag/v1.11.6 • CWE-250: Execution with Unnecessary Privileges •

CVE-2023-25168 – Symbolic Link (Symlink) Following allowing the deletion of files and directories on the host system in wings
https://notcve.org/view.php?id=CVE-2023-25168
08 Feb 2023 — Wings is Pterodactyl's server control plane. This vulnerability can be used to delete files and directories recursively on the host system. This vulnerability can be combined with `GHSA-p8r3-83r8-jwj5` to overwrite files on the host system. In order to use this exploit, an attacker must have an existing "server" allocated and controlled by Wings. This vulnerability has been resolved in version `v1.11.4` of Wings, and has been back-ported to the 1.7 release series in `v1.7.4`. • https://github.com/pterodactyl/wings/commit/429ac62dba22997a278bc709df5ac00a5a25d83d • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVE-2023-25152 – Symbolic Link (Symlink) Following in github.com/pterodactyl/wings
https://notcve.org/view.php?id=CVE-2023-25152
08 Feb 2023 — Wings is Pterodactyl's server control plane. Affected versions are subject to a vulnerability which can be used to create new files and directory structures on the host system that previously did not exist, potentially allowing attackers to change their resource allocations, promote their containers to privileged mode, or potentially add ssh authorized keys to allow the attacker access to a remote shell on the target machine. In order to use this exploit, an attacker must have an existing "server" allocated... • https://github.com/pterodactyl/wings/commit/dac9685298c3c1c49b3109fa4241aa88272b9f14 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVE-2021-41273 – Cross-Site Request Forgery allowing sending of test emails and generation of node auto-deployment keys
https://notcve.org/view.php?id=CVE-2021-41273
17 Nov 2021 — Pterodactyl is an open-source game server management panel built with PHP 7, React, and Go. Due to improperly configured CSRF protections on two routes, a malicious user could execute a CSRF-based attack against the following endpoints: Sending a test email and Generating a node auto-deployment token. At no point would any data be exposed to the malicious user; this would simply trigger email spam to an administrative user, or generate a single auto-deployment token unexpectedly. This token is not revealed ... • https://github.com/pterodactyl/panel/commit/bf9cbe2c6d5266c6914223e067c56175de7fc3a5 • CWE-352: Cross-Site Request Forgery (CSRF) •

CVE-2021-41176 – logout CSRF in Pterodactyl Panel
https://notcve.org/view.php?id=CVE-2021-41176
25 Oct 2021 — Pterodactyl is an open-source game server management panel built with PHP 7, React, and Go. In affected versions of Pterodactyl a malicious user can trigger a user logout if a signed in user visits a malicious website that makes a request to the Panel's sign-out endpoint. This requires a targeted attack against a specific Panel instance, and serves only to sign a user out. **No user details are leaked, nor is any user data affected, this is simply an annoyance at worst.** This is fixed in version 1.6.3. • https://github.com/pterodactyl/panel/commit/45999ba4ee1b2dcb12b4a2fa2cedfb6b5d66fac2 • CWE-352: Cross-Site Request Forgery (CSRF) •