12 matches found
HTB-Pterodactyl-Writeup
HackTheBox — Pterodactyl Writeup Difficulty: Medium |...
Exploit for CVE-2025-49132
CVE-2025-49132-POC I made this poc for my personal cha...
Exploit for CVE-2025-49132
CVE-2025-49132-poc I made this poc for CVE-2025-49132https...
Pterodactyl Panel 1.11.11 - Remote Code Execution (RCE)
Exploit Title: Pterodactyl Panel 1.11.11 - Remote Code Execution RCE Date: 22/06/2025 Exploit Author: Zen-kun04 Vendor Homepage: https://pterodactyl.io/ Software Link: https://github.com/pterodactyl/panel Version: 1.11.11 Tested on: Ubuntu 22.04.5 LTS CVE: CVE-2025-49132 import requests import js...
Exploit for CVE-2025-49132
CVE-2025-49132 Standalone Vulnerability Scanner Non-Docker...
Exploit for CVE-2025-49132
CVE-2025-49132poc Usage Examples 1. Scanning a single...
Exploit for CVE-2025-49132
CVE-2025-49132 Pterodactyl is a free, open-source game server...
CVE-2025-49132
Pterodactyl is a free, open-source game server management panel. Prior to version 1.11.11, using the /locales/locale.json with the locale and namespace query parameters, a malicious actor is able to execute arbitrary code without being authenticated. With the ability to execute arbitrary code it...
CVE-2025-49132 Pterodactyl Panel Allows Unauthenticated Arbitrary Remote Code Execution
Pterodactyl is a free, open-source game server management panel. Prior to version 1.11.11, using the /locales/locale.json with the locale and namespace query parameters, a malicious actor is able to execute arbitrary code without being authenticated. With the ability to execute arbitrary code it...
CVE-2025-49132
Summary (CVE-2025-49132) Pterodactyl Panel versions up to 1.11.10 are affected by an unauthenticated remote code execution via the /locales/locale.json endpoint, where locale and namespace query parameters are passed to PHP include() unsafely. The vulnerability can lead to local file inclusion an...
CVE-2025-49132
creationtimestamp| type| source ---|---|--- 2025-06-19 16:52:25+00:00| seen| https://bsky.app/profile/ryan.staticnoi.se/post/3lrxycwhe7s2g 2025-06-19 16:52:25+00:00| seen| https://bsky.app/profile/ryan.staticnoi.se/post/3lrxycurark2g 2025-06-20 02:20:35+00:00| seen|...
VulnCheck KEV: CVE-2025-49132
Pterodactyl is a free, open-source game server management panel. Prior to version 1.11.11, using the /locales/locale.json with the locale and namespace query parameters, a malicious actor is able to execute arbitrary code without being authenticated. With the ability to execute arbitrary code...