CVE-2024-34068 | Pterodactyl Wings up to 1.11.11 api.disable_remote_download access control

Posted by Angelo Barbosa | May 3, 2024 | CVE

A vulnerability, which was classified as critical, was found in Pterodactyl Wings up to 1.11.11. Affected is the function api.disable_remote_download. The manipulation leads to improper access controls.

This vulnerability is traded as CVE-2024-34068. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-34068 | Pterodactyl Wings up to 1.11.11 api.disable_remote_download access control

Related Posts

CVE-2023-40716 | Fortinet FortiTester up to 7.2.3 Restore/Backup os command injection (FG-IR-22-345)

CVE-2024-32030 | provectus kafka-ui up to 0.7.1 deserialization (GHSL-2023-229)

CVE-2024-7468 | Raisecom MSG1200/MSG2100E/MSG2200/MSG2300 3.90 Web Interface list_service_manage.php sslvpn_config_mod template/stylenum os command injection

CVE-2024-20320 | Cisco IOS XR SSH Local Privilege Escalation (cisco-sa-iosxr-ssh-privesc-eWDMKew3)