4 matches found
Ubuntu: Security Advisory (USN-5972-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Arbitrary File Deletion
github.com/pterodactyl/wingso is vulnerable to Arbitrary File Deletion. A remote authenticated attacker is able to delete files and directories recursively on the host system via the vulnerable Delete function of filesystem.go. This vulnerability can further be exploited to overwrite existing fil...
CVE-2023-25152 Symbolic Link (Symlink) Following in github.com/pterodactyl/wings
Wings is Pterodactyl's server control plane. Affected versions are subject to a vulnerability which can be used to create new files and directory structures on the host system that previously did not exist, potentially allowing attackers to change their resource allocations, promote their...
CVE-2023-25152
Wings (Pterodactyl) contains a privilege/escalation vector in its server control plane: affected Wings Daemon versions allow an attacker with an existing allocated server to create new files/directories on the host, potentially changing resource allocations, promoting containers to privileged mod...