CNNVD-202601-3000 Information
CNNVD ID
CNNVD-202601-3000
Related CVE
- CNNVD Published: 2026-01-19
Description (Chinese)
Pterodactyl Panel是Pterodactyl开源的一个免费的开源游戏服务器管理面板。 Pterodactyl Panel 1.12.0之前版本存在安全漏洞,该漏洞源于WebSocket缺乏适当的速率限制和节流以及对消息总大小没有限制,可能导致恶意用户打开大量连接并发送大量数据,造成主机系统内存、CPU和网络过载。
Description (English)
Pterodactyl Panel is a free open-source server management panel for Pterodactyl Open Source. Pre-Pterodactyl Panel 1.12.0 contains a security loophole, which stems from the lack of appropriate speed limits and throttle in WebSocket and the absence of restrictions on the total size of the message, which may lead to the opening of large numbers of connections and the sending of large numbers of data by malicious users, resulting in overloading of the mainframe system, the CPU and the network.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Pterodactyl
Published
2026-01-19
Last Modified
2026-02-24
References
https://github.com/pterodactyl/panel/security/advisories/GHSA-8w7m-w749-rx98 https://access.redhat.com/security/cve/cve-2025-69199
Patch
https://github.com/pterodactyl/panel/releases
Share on: