PT-2023-26352 · Valve · Valve Counter-Strike
Published
2023-10-15
·
Updated
2023-10-19
·
CVE-2023-38312
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Valve Counter-Strike version 8684
Description
A directory traversal issue allows a client with remote control access to a game server to read arbitrary files from the underlying server via the
motdfile console variable.Recommendations
For Valve Counter-Strike version 8684, as a temporary workaround, consider restricting access to the
motdfile console variable until a patch is available.Fix
Path traversal
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Valve Counter-Strike