Pterodactyl before 0.7.14 with 2FA allows credential sniffing.
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NPterodactyl Panel
APPPterodactyl< 0.7.14
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
Related vulnerabilities
CVE-2026-26016CRITICAL9.2PL ✓ten sam produkt
Brak autoryzacji w Pterodactyl Wings — dostęp do danych serwerów innych węzłów
CVE-2025-68954HIGH7.5ten sam produkt
Pterodactyl is a free, open-source game server management panel. Versions 1.11.11 and below do not revoke acti...
CVE-2021-41129HIGH8.1ten sam produkt
Pterodactyl is an open-source game server management panel built with PHP 7, React, and Go. A malicious user c...
CVE-2025-69198MEDIUM6.0ten sam produkt
Pterodactyl is a free, open-source game server management panel. Pterodactyl implements rate limits that are a...
CVE-2025-69197MEDIUM6.5ten sam produkt
Pterodactyl is a free, open-source game server management panel. Versions 1.11.11 and below allow TOTP to be u...