Wings Security Vulnerabilities and Issues — Wings CVE List

Lucene search

PterodactylWings

7 matches found

CVE•added 2024/05/03 6:15 p.m.•72 views

CVE-2024-34068

Pterodactyl wings is the server control plane for Pterodactyl Panel. An authenticated user who has access to a game server is able to bypass the previously implemented access control (GHSA-6rg3-8h8x-5xfv) that prevents accessing internal endpoints of the node hosting Wings in the pull endpoint. Thi...

6.4CVSS6.3AI score0.00174EPSS

CVE•added 2021/06/22 8:15 p.m.•65 views

CVE-2021-32699

Wings is the control plane software for the open source Pterodactyl game management system. All versions of Pterodactyl Wings prior to 1.4.4 are vulnerable to system resource exhaustion due to improper container process limits being defined. A malicious user can consume more resources than intended...

6.5CVSS6.3AI score0.00131EPSS

CVE•added 2023/02/08 7:15 p.m.•63 views

CVE-2023-25152

Wings is Pterodactyl's server control plane. Affected versions are subject to a vulnerability which can be used to create new files and directory structures on the host system that previously did not exist, potentially allowing attackers to change their resource allocations, promote their container...

8.8CVSS8.6AI score0.00281EPSS

CVE•added 2023/02/09 12:16 a.m.•58 views

CVE-2023-25168

Wings is Pterodactyl's server control plane. This vulnerability can be used to delete files and directories recursively on the host system. This vulnerability can be combined with GHSA-p8r3-83r8-jwj5 to overwrite files on the host system. In order to use this exploit, an attacker must have an exist...

9.6CVSS8.8AI score0.00245EPSS

CVE•added 2024/03/13 9:15 p.m.•52 views

CVE-2024-27102

Wings is the server control plane for Pterodactyl Panel. This vulnerability impacts anyone running the affected versions of Wings. The vulnerability can potentially be used to access files and directories on the host system. The full scope of impact is exactly unknown, but reading files outside of ...

9.9CVSS9.4AI score0.00327EPSS

CVE•added 2024/05/03 6:15 p.m.•46 views

CVE-2024-34066

Pterodactyl wings is the server control plane for Pterodactyl Panel. If the Wings token is leaked either by viewing the node configuration or posting it accidentally somewhere, an attacker can use it to gain arbitrary file write and read access on the node the token is associated to. This issue has...

8.4CVSS6.8AI score0.00249EPSS

CVE•added 2023/05/10 9:15 p.m.•39 views

CVE-2023-32080

Wings is the server control plane for Pterodactyl Panel. A vulnerability affecting versions prior to 1.7.5 and versions 1.11.0 prior to 1.11.6 impacts anyone running the affected versions of Wings. This vulnerability can be used to gain access to the host system running Wings if a user is able to m...

9CVSS9.2AI score0.00218EPSS