146 matches found
GO-2024-2815 Pterodactyl Wings vulnerable to Server-Side Request Forgery during remote file pull in github.com/pterodactyl/wings
Pterodactyl Wings vulnerable to Server-Side Request Forgery during remote file pull in github.com/pterodactyl/wings...
Fedora: Security Advisory for rust-bat (FEDORA-2024-40ee18b2e7)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
GO-2024-2642 Pterodactyl Wings vulnerable to improper isolation of server file access in github.com/pterodactyl/wings
Pterodactyl Wings vulnerable to improper isolation of server file access in github.com/pterodactyl/wings...
GHSA-QQ22-JJ8X-4WWV Pterodactyl Wings vulnerable to Server-Side Request Forgery during remote file pull
Impact An authenticated user who has access to a game server is able to bypass the previously implemented access control https://github.com/pterodactyl/wings/security/advisories/GHSA-6rg3-8h8x-5xfv that prevents accessing internal endpoints of the node hosting Wings in the pull endpoint. This wou...
Pterodactyl Wings vulnerable to Server-Side Request Forgery during remote file pull
Impact An authenticated user who has access to a game server is able to bypass the previously implemented access control https://github.com/pterodactyl/wings/security/advisories/GHSA-6rg3-8h8x-5xfv that prevents accessing internal endpoints of the node hosting Wings in the pull endpoint. This wou...
GHSA-GQMF-JQGV-V8FW Pterodactyl Wings vulnerable to Arbitrary File Write/Read
Impact If the Wings token is leaked either by viewing the node configuration or posting it accidentally somewhere, an attacker can use it to gain arbitrary file write and read access on the node the token is associated to. Workarounds Enabling the ignorepanelconfigupdates option or updating to th...
Pterodactyl Wings vulnerable to Arbitrary File Write/Read
Impact If the Wings token is leaked either by viewing the node configuration or posting it accidentally somewhere, an attacker can use it to gain arbitrary file write and read access on the node the token is associated to. Workarounds Enabling the ignorepanelconfigupdates option or updating to th...
CVE-2024-34066
Pterodactyl wings is the server control plane for Pterodactyl Panel. If the Wings token is leaked either by viewing the node configuration or posting it accidentally somewhere, an attacker can use it to gain arbitrary file write and read access on the node the token is associated to. This issue h...
CVE-2024-34066 Arbitrary File Write/Read in Pterodactyl wings
Pterodactyl wings is the server control plane for Pterodactyl Panel. If the Wings token is leaked either by viewing the node configuration or posting it accidentally somewhere, an attacker can use it to gain arbitrary file write and read access on the node the token is associated to. This issue h...
CVE-2024-34066 Arbitrary File Write/Read in Pterodactyl wings
Pterodactyl wings is the server control plane for Pterodactyl Panel. If the Wings token is leaked either by viewing the node configuration or posting it accidentally somewhere, an attacker can use it to gain arbitrary file write and read access on the node the token is associated to. This issue h...
CVE-2024-34066
The CVE-2024-34066 issue affects Pterodactyl Wings (github.com/pterodactyl/wings). If the Wings token is leaked (for example via node configuration exposure or accidental posting), an attacker can gain arbitrary file write and read access on the associated node. Root cause: leaked token enabling ...
CVE-2024-34066 Arbitrary File Write/Read in Pterodactyl wings
Pterodactyl wings is the server control plane for Pterodactyl Panel. If the Wings token is leaked either by viewing the node configuration or posting it accidentally somewhere, an attacker can use it to gain arbitrary file write and read access on the node the token is associated to. This issue h...
CVE-2024-34068 Server-side Request Forgery during remote file pull in Pterodactyl wings
Pterodactyl wings is the server control plane for Pterodactyl Panel. An authenticated user who has access to a game server is able to bypass the previously implemented access control GHSA-6rg3-8h8x-5xfv that prevents accessing internal endpoints of the node hosting Wings in the pull endpoint. Thi...
CVE-2024-34068 Server-side Request Forgery during remote file pull in Pterodactyl wings
Pterodactyl wings is the server control plane for Pterodactyl Panel. An authenticated user who has access to a game server is able to bypass the previously implemented access control GHSA-6rg3-8h8x-5xfv that prevents accessing internal endpoints of the node hosting Wings in the pull endpoint. Thi...
Pterodactyl 跨站脚本漏洞
Pterodactyl is an open source game server administration panel built using PHP, Nodejs and Go. A cross-site scripting vulnerability exists in versions of Pterodactyl prior to 1.11.6, which stems from the fact that importing a malicious egg or gaining access to a wings instance may result in...
Wings 安全漏洞
Wings is the server control interface for Pterodactyl Panel. A security vulnerability exists in Wings versions prior to 1.11.12, which stems from a Wings token that can be accidentally disclosed by viewing the node configuration, allowing an attacker to use it to gain write and read access to...
PT-2024-25677 · Pterodactyl · Pterodactyl Wings
Name of the Vulnerable Software and Affected Versions: Pterodactyl Wings versions prior to 1.11.12 Description: The issue allows an attacker to gain arbitrary file write and read access on a node if the Wings token is leaked, either by viewing the node configuration or posting it accidentally...
Wings 代码问题漏洞
Wings is the server control interface for Pterodactyl Panel. A security vulnerability exists in versions of Wings prior to 1.11.12, which arises from the ability of a user with privileged access to the game server to bypass previously implemented access controls, allowing an attacker to access...
GHSA-494H-9924-XWW9 Pterodactyl Wings vulnerable to improper isolation of server file access
Impact This vulnerability impacts anyone running the affected versions of Wings. The vulnerability can potentially be used to access files and directories on the host system. The full scope of impact is exactly unknown, but reading files outside of a server's base directory sandbox root is...
Pterodactyl Wings vulnerable to improper isolation of server file access
Impact This vulnerability impacts anyone running the affected versions of Wings. The vulnerability can potentially be used to access files and directories on the host system. The full scope of impact is exactly unknown, but reading files outside of a server's base directory sandbox root is...