漏洞描述
Pterodactyl Panel 是一个开源的游戏服务器管理面板,采用 PHP + Laravel 构建,通过 Docker/Daemon 统一调度,支持 Minecraft、CS:GO、Rust 等多种游戏服务的快速部署、权限分级管理与资源配额分配。其 Web 界面直观,支持 API 自动化运维,可帮助运维人员便捷地在多节点环境中创建、监控和管理游戏服务器实例。
Pterodactyl Panel /locales/locale.json 信息泄露漏洞(CVE-2025-49132)
PoC代码
暂无相关漏洞推荐
- DPanel 硬编码漏洞(CVE-2025-30206)
- POC 1Panel 远程命令执行漏洞
- POC CVE-2012-4032: WebsitePanel before v1.2.2.1 - Open Redirect
- POC CVE-2018-18323: Centos Web Panel 0.9.8.480 - Local File Inclusion
- POC CVE-2021-3002: Seo Panel 4.8.0 - Cross-Site Scripting
- POC CVE-2021-31316: CentOS Web Panel - SQL Injection
- POC CVE-2021-31324: CentOS Web Panel - OS Command Injection
- POC CVE-2021-35336: Tieline IP Audio Gateway <=2.6.4.8 - Unauthorized Remote Admin Panel Access
- POC CVE-2021-41878: i-Panel Administration System 2.0 - Cross-Site Scripting
- POC CVE-2022-44877: CentOS Web Panel 7 <0.9.8.1147 - Remote Code Execution
- POC CVE-2023-29489: cPanel < 11.109.9999.116 - Cross-Site Scripting
- POC CVE-2024-39907: 1Panel SQL Injection - Authenticated
- POC CVE-2024-51378: CyberPanel - Command Injection