CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-38312
https://notcve.org/view.php?id=CVE-2023-38312
15 Oct 2023 — A directory traversal vulnerability in Valve Counter-Strike 8684 allows a client (with remote control access to a game server) to read arbitrary files from the underlying server via the motdfile console variable. Una vulnerabilidad de cruce de directorio en Valve Counter-Strike 8684 permite a un cliente (con acceso de control remoto a un servidor de juegos) leer archivos arbitrarios del servidor subyacente a través de la variable de consola motdfile. • https://github.com/MikeIsAStar/Counter-Strike-Arbitrary-File-Read • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2023-35855
https://notcve.org/view.php?id=CVE-2023-35855
19 Jun 2023 — A buffer overflow in Counter-Strike through 8684 allows a game server to execute arbitrary code on a remote client's machine by modifying the lservercfgfile console variable. Un desbordamiento de búfer en Counter-Strike a través de 8684 permite a un servidor de juegos ejecutar código arbitrario en la máquina de un cliente remoto modificando la variable de consola "lservercfgfile". • https://github.com/MikeIsAStar/Counter-Strike-Remote-Code-Execution • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.5EPSS: 35%CPEs: 1EXPL: 2CVE-2008-7203 – Half-Life CSTRIKE Server 1.6 - 'no-steam' Denial of Service
https://notcve.org/view.php?id=CVE-2008-7203
11 Sep 2009 — Valve Software Half-Life Counter-Strike 1.6 allows remote attackers to cause a denial of service (crash) via multiple crafted login packets. Valve Software Half-Life Counter-Strike 1.6 permite a atacantes remotos provocar una denegación de servicio (caída) a través de múltiples paquetes de login manipulados. • https://www.exploit-db.com/exploits/4856 • CWE-399: Resource Management Errors •