CVE-2023-25152

CVSS v3.1

8.4

High

Vector

AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:H

Name of the Vulnerable Software and Affected Versions Wings versions prior to v1.11.3 Wings versions prior to v1.7.3

Description The vulnerability in Wings allows attackers to create new files and directory structures on the host system, potentially enabling them to change resource allocations, promote containers to privileged mode, or add ssh authorized keys for remote shell access. An attacker must have an existing server allocated and controlled by the Wings Daemon to exploit this issue.

Recommendations For versions prior to v1.11.3, upgrade to v1.11.3. For versions prior to v1.7.3, upgrade to v1.7.3.

Exploit

Fix

Link Following

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-61CWE-59

Related Identifiers

CVE-2023-25152

GHSA-P8R3-83R8-JWJ5

GO-2023-1542

Affected Products

Wings

CVE-2023-25152

Weakness Enumeration

Related Identifiers

Affected Products

References · 11