6.4

CVSS Score

3.1

Basic Information

CVE ID

GHSA ID

GHSA-6rg3-8h8x-5xfv

EPSS Score

CWE

CWE-284

Published

6/23/2021

Updated

1/9/2023

KEV Status

Technology

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

GHSA-6rg3-8h8x-5xfv

GHSA-6rg3-8h8x-5xfv: Unchecked hostname resolution could allow access to local network resources by users outside the local network

Impact

A newly implemented route allowing users to download files from remote endpoints was not properly verifying the destination hostname for user provided URLs. This would allow malicious users to potentially access resources on local networks that would otherwise be inaccessible.

This vulnerability requires valid authentication credentials and is therefore not exploitable by unauthenticated users. If you are running an instance for yourself or other trusted individuals this impact is unlikely to be of major concern to you. However, you should still upgrade for security sake.

Patches

Users should upgrade to the latest version of Wings.

Workarounds

There is no workaround available that does not involve modifying Panel or Wings code.

(GitHub Advisory)

6.4

CVSS Score

3.1

Basic Information

CVE ID

GHSA ID

GHSA-6rg3-8h8x-5xfv

EPSS Score

CWE

CWE-284

Published

6/23/2021

Updated

1/9/2023

KEV Status

Technology

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
github.com/pterodactyl/wings	go	= 1.2.0	1.2.1

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability description indicates a missing hostname verification step in a file download route. While exact code isn't available, Go HTTP client patterns suggest the file download handler would: 1) Accept user-provided URLs, 2) Resolve hostnames, 3) Initiate transfers. The lack of IP validation after DNS resolution (to block private/rfc1918 addresses) would manifest in the download handler function. The medium confidence reflects educated guessing based on vulnerability patterns in Go web services, though without concrete code evidence.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

### Imp**t * n*wly impl*m*nt** rout* *llowin* us*rs to *ownlo** *il*s *rom r*mot* *n*points w*s not prop*rly v*ri*yin* t** **stin*tion *ostn*m* *or us*r provi*** URLs. T*is woul* *llow m*li*ious us*rs to pot*nti*lly ****ss r*sour**s on lo**l n*tworks

Reasoning

T** vuln*r**ility **s*ription in*i**t*s * missin* *ostn*m* v*ri*i**tion st*p in * *il* *ownlo** rout*. W*il* *x**t *o** isn't *v*il**l*, *o `*TTP` *li*nt p*tt*rns su***st t** *il* *ownlo** **n*l*r woul*: *) ****pt us*r-provi*** URLs, *) R*solv* *ostn

6.4

Basic Information

Concerned about an active attack path?

GHSA-6rg3-8h8x-5xfv: Unchecked hostname resolution could allow access to local network resources by users outside the local network

Impact

Patches

Workarounds

6.4

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI