What is CVE-2023-32080?

CVE-2023-32080 is a critical-severity vulnerability in Pterodactyl Wings, classified under CWE-250. CVSS score: 9.1/10. Published 2023-05-10.

How severe is CVE-2023-32080?

Critical severity. CVSS v3 base score is 9.1 out of 10.

Vulnerability in Pterodactyl Wings

CVE-2023-32080

Wings is the server control plane for Pterodactyl Panel. A vulnerability affecting versions prior to 1.7.5 and versions 1.11.0 prior to 1.11.6 impacts anyone running the affected versions of Wings. This vulnerability can be used to gain a…

EPSS: 0.007 (73.4th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 9.1 (Critical). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H.

Affected products

Pterodactyl Wings — versions < 1.7.5, >= 1.11.0, < 1.11.6

Weakness classification (CWE)

CWE-250

References

https://github.com/pterodactyl/wings/security/advisories/GHSA-p744-4q6p-hvc2 (x_refsource_CONFIRM)
https://github.com/pterodactyl/wings/releases/tag/v1.11.6 (x_refsource_MISC)
https://github.com/pterodactyl/wings/releases/tag/v1.17.5 (x_refsource_MISC)

Frequently asked questions

What is CVE-2023-32080?: CVE-2023-32080 is a critical-severity vulnerability in Pterodactyl Wings, classified under CWE-250. CVSS score: 9.1/10. Published 2023-05-10.
How severe is CVE-2023-32080?: Critical severity. CVSS v3 base score is 9.1 out of 10.