Unknown · ArchiSteamFarm · CVE-2021-32795
**Name of the Vulnerable Software and Affected Versions**
ArchiSteamFarm versions prior to 4.3.1.0
**Description**
ArchiSteamFarm is a C# application for idling Steam cards from multiple accounts simultaneously. A Denial of Service vulnerability exists in versions prior to 4.3.1.0: an attacker can remotely crash a running instance by sending a specially crafted Steam chat message. The attacker needs to know the `CommandPrefix` in advance, but most setups use the default value. The attack does not allow the attacker to obtain sensitive information or execute arbitrary commands. The issue is patched in version 4.3.1.0.
**Recommendations**
For versions prior to 4.3.1.0, the only workaround that guarantees complete protection is running all bots with `OnlineStatus` set to `0` (Offline), which makes ArchiSteamFarm ignore the specially crafted message without attempting to interpret it.
Update to version 4.3.1.0 or later to resolve the issue.
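
One way to check a deployment against the workaround above, as an added example (not ArchiSteamFarm's own code). It assumes bot configs are the `*.json` files in the config directory other than `ASF.json`, and that a bot config without an explicit `OnlineStatus` is not Offline; the bot names and version strings in `demo()` are constructed.

```python
import json
import tempfile
from pathlib import Path

PATCHED = (4, 3, 1, 0)      # first fixed release, per the advisory
OFFLINE = 0                 # OnlineStatus value named in the workaround
ASSUMED_DEFAULT_STATUS = 1  # assumption: an unset OnlineStatus is not Offline


def parse_version(text):
    """Turn a dotted version such as '4.3.0.0' into a 4-part integer tuple."""
    parts = [int(p) for p in text.strip().lstrip("Vv").split(".")]
    return tuple(parts + [0] * (4 - len(parts)))


def exposed_bots(config_dir, asf_version):
    """List bots that are not covered by the Offline workaround.

    Returns an empty list when the version is already patched.
    """
    if parse_version(asf_version) >= PATCHED:
        return []
    exposed = []
    for path in sorted(Path(config_dir).glob("*.json")):
        if path.name == "ASF.json":  # assumption: global config, not a bot
            continue
        try:
            cfg = json.loads(path.read_text(encoding="utf-8"))
        except (OSError, ValueError):
            exposed.append(path.stem)  # unreadable config: report it, fail closed
            continue
        status = cfg.get("OnlineStatus", ASSUMED_DEFAULT_STATUS) if isinstance(cfg, dict) else None
        if status != OFFLINE:
            exposed.append(path.stem)
    return exposed


def demo():
    """Run the check over constructed sample configs (made-up bot names)."""
    samples = {
        "ASF.json": {},
        "farm1.json": {"OnlineStatus": 0},
        "farm2.json": {"OnlineStatus": 1},
        "farm3.json": {"Enabled": True},  # OnlineStatus not set
    }
    with tempfile.TemporaryDirectory() as d:
        for name, body in samples.items():
            Path(d, name).write_text(json.dumps(body), encoding="utf-8")
        return exposed_bots(d, "4.3.0.0"), exposed_bots(d, "4.3.1.0")


if __name__ == "__main__":
    print(demo())
```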