Tgstation13 Tgstation-Server vulnerabilities
7 known vulnerabilities affecting tgstation13/tgstation-server.
Total CVEs
7
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH3MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2024-41799P2CRITICALCVSS 9.9≥ 4.0.0, < 6.8.02024-07-29
CVE-2024-41799 [CRITICAL] CWE-22 CVE-2024-41799: tgstation-server is a production scale tool for BYOND server management. Prior to 6.8.0, low permiss
tgstation-server is a production scale tool for BYOND server management. Prior to 6.8.0, low permission users using the "Set .dme Path" privilege could potentially set malicious .dme files existing on the host machine to be compiled and executed. These .dme files could be uploaded via tgstation-server (requiring a separate, isolated privilege) or s
nvd
CVE-2025-21611P3HIGHCVSS 8.8≥ 6.11.0, < 6.12.32025-01-06
CVE-2025-21611 [HIGH] CWE-285 CVE-2025-21611: tgstation-server is a production scale tool for BYOND server management. Prior to 6.12.3, roles used
tgstation-server is a production scale tool for BYOND server management. Prior to 6.12.3, roles used to authorize API methods were incorrectly OR'd instead of AND'ed with the role used to determine if a user was enabled. This allows enabled users access to most, but not all, authorized actions regardless of their permissions. Notably, the WriteUsers r
nvd
CVE-2018-17107P3CRITICALCVSS 9.8≥ 3.2.1.0, < 3.2.5.02018-09-24
CVE-2018-17107 [CRITICAL] CVE-2018-17107: In Tgstation tgstation-server 3.2.4.0 through 3.2.1.0 (fixed in 3.2.5.0), active logins would be cac
In Tgstation tgstation-server 3.2.4.0 through 3.2.1.0 (fixed in 3.2.5.0), active logins would be cached, allowing subsequent logins to succeed with any username or password.
nvd
CVE-2020-16136P3HIGHCVSS 7.7v4.4.0v4.4.12020-07-31
CVE-2020-16136 [HIGH] CWE-22 CVE-2020-16136: In tgstation-server 4.4.0 and 4.4.1, an authenticated user with permission to download logs can down
In tgstation-server 4.4.0 and 4.4.1, an authenticated user with permission to download logs can download any file on the server machine (accessible by the owner of the server process) via directory traversal ../ sequences in /Administration/Logs/ requests. The attacker is unable to enumerate files, however.
nvd
CVE-2023-33198P3HIGHCVSS 7.5≥ 4.0.0, < 5.12.22023-05-30
CVE-2023-33198 [HIGH] CWE-941 CVE-2023-33198: tgstation-server is a production scale tool for BYOND server management. The DreamMaker API (DMAPI)
tgstation-server is a production scale tool for BYOND server management. The DreamMaker API (DMAPI) chat channel cache can possibly be poisoned by a tgstation-server (TGS) restart and reattach. This can result in sending chat messages to one of any of the configured IRC or Discord channels for the instance on enabled chat bots. This lasts until the ins
nvd
CVE-2023-32687P3MEDIUMCVSS 6.5≥ 4.7.0, < 5.12.12023-05-29
CVE-2023-32687 [MEDIUM] CWE-522 CVE-2023-32687: tgstation-server is a toolset to manage production BYOND servers. Starting in version 4.7.0 and prio
tgstation-server is a toolset to manage production BYOND servers. Starting in version 4.7.0 and prior to 5.12.1, instance users with the list chat bots permission can read chat bot connections strings without the associated permission. This issue is patched in version 5.12.1. As a workaround, remove the list chat bots permission from users that shou
nvd
CVE-2023-34243P4MEDIUMCVSS 5.3≥ 4.0.0.0, < 5.12.52023-06-08
CVE-2023-34243 [MEDIUM] CWE-200 CVE-2023-34243: TGstation is a toolset to manage production BYOND servers. In affected versions if a Windows user wa
TGstation is a toolset to manage production BYOND servers. In affected versions if a Windows user was registered in tgstation-server (TGS), an attacker could discover their username by brute-forcing the login endpoint with an invalid password. When a valid Windows logon was found, a distinct response would be generated. This issue has been addressed
nvd