Symbolic Link (Symlink) Following allowing the deletion of files and directories on the host system in wings
CVE-2023-25168

9.6 CRITICAL

Key Information:

CVE Published: 9 February 2023

What is CVE-2023-25168?

This vulnerability in Pterodactyl's Wings server control plane enables an attacker who has been allocated a 'server' to recursively delete files and directories on the host system by having Wings follow a symbolic link out of the server's data directory. It can also be exploited in conjunction with another vulnerability to overwrite files. Users running Wings v1.11.x are advised to upgrade to v1.11.4, and those on the 1.7 series to v1.7.4, to mitigate this issue. There are currently no workarounds available for this vulnerability.
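As an added illustration (not Wings' code and not its actual fix), the following Go helper shows the kind of check a file-management daemon needs before deleting a tenant-supplied path: every directory in the parent chain is resolved through symlinks and must stay inside the server's (also resolved) data root, and a trailing symlink is unlinked rather than followed. The data-root path, `ErrEscapesRoot`, `resolveInRoot` and `SafeRemove` are assumed names.

```go
package main

import (
	"errors"
	"fmt"
	"os"
	"path/filepath"
	"strings"
)

// ErrEscapesRoot: the path resolves outside the server's data directory (e.g. via a planted symlink).
var ErrEscapesRoot = errors.New("path resolves outside server root")
// resolveInRoot maps a tenant-supplied relative path onto the host filesystem. The parent chain is
// symlink-resolved and must stay inside the (also resolved) root; the final component stays unresolved.
func resolveInRoot(root, rel string) (string, error) {
	realRoot, err := filepath.EvalSymlinks(root)
	if err != nil {
		return "", err
	}
	cleaned := filepath.Clean("/" + rel) // leading "/" makes Clean discard ".." escapes
	if cleaned == "/" {
		return "", errors.New("refusing to remove the server root")
	}
	parent, name := filepath.Split(cleaned)
	realParent, err := filepath.EvalSymlinks(filepath.Join(realRoot, parent))
	if err != nil {
		return "", err
	}
	if realParent != realRoot && !strings.HasPrefix(realParent, realRoot+string(os.PathSeparator)) {
		return "", ErrEscapesRoot
	}
	return filepath.Join(realParent, name), nil
}
// SafeRemove deletes rel beneath root without following a symlink out of it: a trailing
// symlink is unlinked, and os.RemoveAll does not descend through symlinks while recursing.
func SafeRemove(root, rel string) error {
	target, err := resolveInRoot(root, rel)
	if err != nil {
		return err
	}
	if info, err := os.Lstat(target); err == nil && info.Mode()&os.ModeSymlink != 0 {
		return os.Remove(target) // remove the link itself, never what it points at
	}
	return os.RemoveAll(target)
}

func main() {
	// Hypothetical tenant root (assumed path); Clean drops the "..", so /etc is never reached.
	fmt.Println(SafeRemove("/srv/daemon-data/example-uuid", "logs/../../../etc"))
}
```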

Affected Version(s)

wings < 1.7.4 | patched in 1.7.4

wings >= 1.11.0, < 1.11.4 | patched in 1.11.4

CVSS V3.1

Score: 9.6
Severity: CRITICAL
Confidentiality: None
Integrity: High
Availability: None
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Changed
