Lucene search
K

146 matches found

Veracode
Veracode
added 2023/02/25 8:47 p.m.35 views

Privilege Escalation

haproxy, buster is vulnerable to Privilege Escalation. An attacker is able to change their resource allocations, promote containers to privileged mode, or potentially add ssh authorized keys to a remote shell on the target machine by creating new files on the host system. In order for an attacker...

9.1CVSS8.7AI score0.05493EPSS
Exploits0References10Affected Software4
Veracode
Veracode
added 2023/02/25 8:46 p.m.34 views

Privilege Escalation

firefox is vulnerable to Privilege Escalation. An attacker is able to change their resource allocations, promote containers to privileged mode, or potentially add ssh authorized keys to a remote shell on the target machine by creating new files on the host system. In order for an attacker to...

6.5CVSS7.9AI score0.00672EPSS
Exploits0References5Affected Software5
Veracode
Veracode
added 2023/02/25 8:46 p.m.30 views

Privilege Escalation

firefox is vulnerable to Privilege Escalation. An attacker is able to change their resource allocations, promote containers to privileged mode, or potentially add ssh authorized keys to a remote shell on the target machine by creating new files on the host system. In order for an attacker to...

8.8CVSS8AI score0.00681EPSS
Exploits0References5Affected Software5
Veracode
Veracode
added 2023/02/12 2:41 p.m.28 views

Privilege Escalation

github.com/pterodactyl/wings is vulnerable to Privilege Escalation. An attacker is able to change their resource allocations, promote containers to privileged mode, or potentially add ssh authorized keys to a remote shell on the target machine by creating new files on the host system. In order fo...

8.8CVSS8.2AI score0.00682EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2023/02/10 11:11 p.m.38 views

GHSA-66P8-J459-RQ63 Pterodactyl Wings contains UNIX Symbolic Link (Symlink) Following resulting in deletion of files and directories on the host system

Impact This vulnerability impacts anyone running the affected versions of Wings. The vulnerability can be used to delete files and directories recursively on the host system. This vulnerability can be combined with GHSA-p8r3-83r8-jwj5 to overwrite files on the host system. In order to use this...

9.6CVSS8.3AI score0.00956EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2023/02/10 11:11 p.m.24 views

Pterodactyl Wings contains UNIX Symbolic Link (Symlink) Following resulting in deletion of files and directories on the host system

Impact This vulnerability impacts anyone running the affected versions of Wings. The vulnerability can be used to delete files and directories recursively on the host system. This vulnerability can be combined with GHSA-p8r3-83r8-jwj5 to overwrite files on the host system. In order to use this...

9.6CVSS7.8AI score0.00956EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2023/02/09 12:16 a.m.42 views

CVE-2023-25168

Wings is Pterodactyl's server control plane. This vulnerability can be used to delete files and directories recursively on the host system. This vulnerability can be combined with GHSA-p8r3-83r8-jwj5 to overwrite files on the host system. In order to use this exploit, an attacker must have an...

9.6CVSS9.3AI score0.00956EPSS
Exploits0References3
CVE
CVE
added 2023/02/08 11:43 p.m.79 views

CVE-2023-25168

CVE-2023-25168 affects Pterodactyl Wings (server control plane). Description: UNIX Symbolic Link (Symlink) Following enables deletion of files/directories on the host when a server is allocated; may be used with GHSA-p8r3-83r8-jwj5 to overwrite host files. Root cause: symbolic link handling in Wi...

9.6CVSS8.8AI score0.00956EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2023/02/08 11:43 p.m.44 views

CVE-2023-25168 Symbolic Link (Symlink) Following allowing the deletion of files and directories on the host system in wings

Wings is Pterodactyl's server control plane. This vulnerability can be used to delete files and directories recursively on the host system. This vulnerability can be combined with GHSA-p8r3-83r8-jwj5 to overwrite files on the host system. In order to use this exploit, an attacker must have an...

9.6CVSS9.5AI score0.00956EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2023/02/08 11:43 p.m.11 views

CVE-2023-25168 Symbolic Link (Symlink) Following allowing the deletion of files and directories on the host system in wings

Wings is Pterodactyl's server control plane. This vulnerability can be used to delete files and directories recursively on the host system. This vulnerability can be combined with GHSA-p8r3-83r8-jwj5 to overwrite files on the host system. In order to use this exploit, an attacker must have an...

9.6CVSS9.5AI score0.00956EPSS
Exploits0References3
OSV
OSV
added 2023/02/08 11:43 p.m.35 views

CVE-2023-25168 Symbolic Link (Symlink) Following allowing the deletion of files and directories on the host system in wings

Wings is Pterodactyl's server control plane. This vulnerability can be used to delete files and directories recursively on the host system. This vulnerability can be combined with GHSA-p8r3-83r8-jwj5 to overwrite files on the host system. In order to use this exploit, an attacker must have an...

9.6CVSS8.3AI score0.00956EPSS
Exploits0References5
NVD
NVD
added 2023/02/08 7:15 p.m.34 views

CVE-2023-25152

Wings is Pterodactyl's server control plane. Affected versions are subject to a vulnerability which can be used to create new files and directory structures on the host system that previously did not exist, potentially allowing attackers to change their resource allocations, promote their...

8.8CVSS8.9AI score0.00682EPSS
Exploits0References2
Prion
Prion
added 2023/02/08 7:15 p.m.23 views

Design/Logic Flaw

Wings is Pterodactyl's server control plane. Affected versions are subject to a vulnerability which can be used to create new files and directory structures on the host system that previously did not exist, potentially allowing attackers to change their resource allocations, promote their...

6.5CVSS8.4AI score0.00682EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2023/02/08 6:52 p.m.84 views

CVE-2023-25152

Wings (Pterodactyl) contains a privilege/escalation vector in its server control plane: affected Wings Daemon versions allow an attacker with an existing allocated server to create new files/directories on the host, potentially changing resource allocations, promoting containers to privileged mod...

8.8CVSS8.6AI score0.00682EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/02/08 6:52 p.m.51 views

CVE-2023-25152 Symbolic Link (Symlink) Following in github.com/pterodactyl/wings

Wings is Pterodactyl's server control plane. Affected versions are subject to a vulnerability which can be used to create new files and directory structures on the host system that previously did not exist, potentially allowing attackers to change their resource allocations, promote their...

8.4CVSS8.8AI score0.00682EPSS
Exploits0References2
OSV
OSV
added 2023/02/08 6:52 p.m.24 views

CVE-2023-25152 Symbolic Link (Symlink) Following in github.com/pterodactyl/wings

Wings is Pterodactyl's server control plane. Affected versions are subject to a vulnerability which can be used to create new files and directory structures on the host system that previously did not exist, potentially allowing attackers to change their resource allocations, promote their...

8.4CVSS8.6AI score0.00682EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2023/02/08 6:52 p.m.8 views

CVE-2023-25152 Symbolic Link (Symlink) Following in github.com/pterodactyl/wings

Wings is Pterodactyl's server control plane. Affected versions are subject to a vulnerability which can be used to create new files and directory structures on the host system that previously did not exist, potentially allowing attackers to change their resource allocations, promote their...

8.4CVSS8.8AI score0.00682EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2023/02/08 6:19 p.m.82 views

Pterodactyl Wings contains UNIX Symbolic Link (Symlink) Following

Impact This vulnerability impacts anyone running the affected versions of Wings. The vulnerability can be used to create new files and on the host system that previously did not exist, potentially allowing attackers to change their resource allocations, promote their containers to privileged mode...

8.8CVSS8.1AI score0.00682EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2023/02/08 6:19 p.m.35 views

GHSA-P8R3-83R8-JWJ5 Pterodactyl Wings contains UNIX Symbolic Link (Symlink) Following

Impact This vulnerability impacts anyone running the affected versions of Wings. The vulnerability can be used to create new files and on the host system that previously did not exist, potentially allowing attackers to change their resource allocations, promote their containers to privileged mode...

8.4CVSS8.2AI score0.00956EPSS
Exploits0References6
CNNVD
CNNVD
added 2023/02/08 12:0 a.m.3 views

Wings 后置链接漏洞

Wings is the server control interface for Pterodactyl Panel. A backlink vulnerability exists in Wings v1.7.x prior to v1.7.4, and v1.11.x prior to v1.11.4, which stems from the ability to recursively delete files and directories on the host system, which could be exploited by an attacker to...

9.6CVSS8AI score0.00956EPSS
Exploits0References5
Rows per page
Query Builder