CVSS: 8.4 • EPSS: 0% • CPEs: 1 • EXPL: 0

Pterodactyl Wings is the server control plane for Pterodactyl Panel. If the Wings token is leaked, either by viewing the node configuration or by accidentally posting it somewhere, an attacker can use it to gain arbitrary file write and read access on the node the token is associated with. This issue has been addressed in version 1.11.12 and users are advised to upgrade. Users unable to upgrade may enable the `ignore_panel_config_updates` option as a workaround.

• https://github.com/pterodactyl/wings/commit/5415f8ae07f533623bd8169836dd7e0b933964de
• https://github.com/pterodactyl/wings/security/advisories/GHSA-gqmf-jqgv-v8fw
• CWE-552: Files or Directories Accessible to External Parties

CVSS: 6.4 • EPSS: 0% • CPEs: 1 • EXPL: 0

Pterodactyl Wings is the server control plane for Pterodactyl Panel. An authenticated user who has access to a game server is able to bypass the previously implemented access control (GHSA-6rg3-8h8x-5xfv) in the pull endpoint, which prevents access to internal endpoints of the node hosting Wings. This would allow malicious users to potentially access resources on local networks that would otherwise be inaccessible. This issue has been addressed in version 1.11.2 and users are advised to upgrade. Users unable to upgrade may enable the `api.disable_remote_download` option as a workaround.

• https://github.com/pterodactyl/wings/commit/c152e36101aba45d8868a9a0eeb890995e8934b8
• https://github.com/pterodactyl/wings/security/advisories/GHSA-6rg3-8h8x-5xfv
• https://github.com/pterodactyl/wings/security/advisories/GHSA-qq22-jj8x-4wwv
• CWE-284: Improper Access Control
• CWE-441: Unintended Proxy or Intermediary ('Confused Deputy')

CVSS: 9.9 • EPSS: 0% • CPEs: 1 • EXPL: 0

Wings is the server control plane for Pterodactyl Panel. This vulnerability impacts anyone running the affected versions of Wings. The vulnerability can potentially be used to access files and directories on the host system. The full scope of impact is not known exactly, but reading files outside of a server's base directory (sandbox root) is possible. In order to use this exploit, an attacker must have an existing "server" allocated and controlled by Wings.

• https://github.com/pterodactyl/wings/commit/d1c0ca526007113a0f74f56eba99511b4e989287
• https://github.com/pterodactyl/wings/security/advisories/GHSA-494h-9924-xww9
• CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
• CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
• CWE-363: Race Condition Enabling Link Following

CVSS: 9.0 • EPSS: 0% • CPEs: 2 • EXPL: 0

Wings is the server control plane for Pterodactyl Panel. A vulnerability affecting versions prior to 1.7.5 and versions 1.11.0 prior to 1.11.6 impacts anyone running the affected versions of Wings. This vulnerability can be used to gain access to the host system running Wings if a user is able to modify a server's install script or the install script executes code supplied by the user (either through environment variables, or through commands that execute other commands based on user data). This vulnerability has been resolved in version `v1.11.6` of Wings, and has been back-ported to the 1.7 release series in `v1.7.5`. Anyone running `v1.11.x` should upgrade to `v1.11.6` and anyone running `v1.7.x` should upgrade to `v1.7.5`. There are no workarounds aside from upgrading.

• https://github.com/pterodactyl/wings/releases/tag/v1.11.6
• https://github.com/pterodactyl/wings/releases/tag/v1.17.5
• https://github.com/pterodactyl/wings/security/advisories/GHSA-p744-4q6p-hvc2
• CWE-250: Execution with Unnecessary Privileges

CVSS: 9.6 • EPSS: 0% • CPEs: 5 • EXPL: 0

Wings is Pterodactyl's server control plane. This vulnerability can be used to delete files and directories recursively on the host system. This vulnerability can be combined with `GHSA-p8r3-83r8-jwj5` to overwrite files on the host system. In order to use this exploit, an attacker must have an existing "server" allocated and controlled by Wings. This vulnerability has been resolved in version `v1.11.4` of Wings, and has been back-ported to the 1.7 release series in `v1.7.4`.

• https://github.com/pterodactyl/wings/commit/429ac62dba22997a278bc709df5ac00a5a25d83d
• https://github.com/pterodactyl/wings/security/advisories/GHSA-66p8-j459-rq63
• https://github.com/pterodactyl/wings/security/advisories/GHSA-p8r3-83r8-jwj5
• CWE-59: Improper Link Resolution Before File Access ('Link Following')