CNNVD-202601-1116 Information

CNNVD ID

CNNVD-202601-1116

Related CVE

CVE-2025-69197

• CNNVD Published: 2026-01-06

Description (Chinese)

Pterodactyl是一款使用PHP、Nodejs和Go构建的开源游戏服务器管理面板。 Pterodactyl 1.11.11及之前版本存在安全漏洞，该漏洞源于一次性密码在其有效期内可被多次使用，可能导致账户接管。

Description (English)

Pterodactyl is an open-source game server that uses PHP, Nodejs and Go to manage the panel. There is a security loophole in Pterodactyl 1.11.11 and earlier versions, which stems from the fact that a one-time password can be used several times during its validity and may lead to the account being taken over.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2026-01-06

Last Modified

2026-02-24

References

https://github.com/pterodactyl/panel/commit/032bf076d92bb2f929fa69c1bac1b89f26b8badf https://github.com/pterodactyl/panel/releases/tag/v1.12.0 https://github.com/pterodactyl/panel/security/advisories/GHSA-rgmp-4873-r683

Patch

https://github.com/pterodactyl/panel/releases