exploitDog

CVE-2023-38312

Опубликовано: 15 окт. 2023

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

A directory traversal vulnerability in Valve Counter-Strike 8684 allows a client (with remote control access to a game server) to read arbitrary files from the underlying server via the motdfile console variable.

Ссылки

https://github.com/MikeIsAStar/Counter-Strike-Arbitrary-File-Read
Third Party Advisory
https://github.com/MikeIsAStar/Counter-Strike-Arbitrary-File-Read
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:valvesoftware:counter-strike:8684:*:*:*:*:*:*:*

EPSS

Процентиль: 69%

0.00591

Низкий

7.5 High

CVSS3

Дефекты

CWE-22

Связанные уязвимости

GHSA-m63v-p8hp-rg28

CVSS3: 7.5

github

больше 2 лет назад

A directory traversal vulnerability in Valve Counter-Strike 8684 allows a client (with remote control access to a game server) to read arbitrary files from the underlying server via the motdfile console variable.

EPSS

Процентиль: 69%

0.00591

Низкий

7.5 High

CVSS3

Дефекты

CWE-22