CVE-2021-41129 — Deserialization of Untrusted Data in Panel

CWE-502 — Deserialization of Untrusted Data CWE-639 — Authorization Bypass Through User-Controlled Key CWE-807 — Reliance on Untrusted Inputs in a Security Decision CWE-287 — Improper Authentication3 documents3 sources

Severity

8.1HIGHNVD

EPSS

0.3%

top 50.53%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Pterodactyl Panel

Timeline

Latest updateOct 4

PublishedOct 6

Description

Pterodactyl is an open-source game server management panel built with PHP 7, React, and Go. A malicious user can modify the contents of a `confirmation_token` input during the two-factor authentication process to reference a cache value not associated with the login attempt. In rare cases this can allow a malicious actor to authenticate as a random user in the Panel. The malicious user must target an account with two-factor authentication enabled, and then must provide a correct two-factor authe…

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 2.2 | Impact: 5.9

Affected Packages3 packages

▶NVDpterodactyl/panel1.0.0 — 1.6.2

▶Packagistpterodactyl/panel1.0.0 — 1.6.2

▶CVEListV5pterodactyl/panel>= 1.0.0, < 1.6.2

Patches

Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

GHSA

Pterodactyl Panel vulnerable to authentication bypass due to improper user-provided security token verification↗2021-10-04

▶

OSV

Pterodactyl Panel vulnerable to authentication bypass due to improper user-provided security token verification↗2021-10-04

▶