https://z3r0s6.github.io/tags/cve-2025-49132/Recent content in CVE-2025-49132 on z3r0sHugoenSun, 03 May 2026 00:00:00 +0000https://z3r0s6.github.io/machines/pterodactyl/Sun, 03 May 2026 00:00:00 +0000https://z3r0s6.github.io/machines/pterodactyl/<table> <thead> <tr> <th>Field</th> <th>Value</th> </tr> </thead> <tbody> <tr> <td>Difficulty</td> <td>Medium</td> </tr> <tr> <td>OS</td> <td>Linux</td> </tr> <tr> <td>CVEs</td> <td>CVE-2025-49132 · CVE-2025-6018 · CVE-2025-6019</td> </tr> </tbody> </table> <hr> <h2 id="summary"> Summary <a class="heading-link" href="#summary"> <i class="fa-solid fa-link" aria-hidden="true" title="Link to heading"></i> <span class="sr-only">Link to heading</span> </a> </h2> <p>Pterodactyl is a Linux machine that chains three critical vulnerabilities for full system compromise. The Pterodactyl Panel (a Laravel-based game server management platform) is hosted on a discovered subdomain. <strong>PHP PEAR</strong> is enabled with writable config paths, vulnerable to <strong>CVE-2025-49132</strong> - unauthenticated RCE. Database credentials extracted from Laravel's <code>.env</code> file reveal a secondary user. Privilege escalation leverages <strong>CVE-2025-6018</strong> (PAM environment variable injection) chained with <strong>CVE-2025-6019</strong> (UDisks2 XFS filesystem privilege escalation) to achieve root.</p>