Directory Traversal Vulnerability in Valve Counter-Strike 8684: Arbitrary File Read via motdfile Console Variable

Directory Traversal Vulnerability in Valve Counter-Strike 8684: Arbitrary File Read via motdfile Console Variable

CVE-2023-38312 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

A directory traversal vulnerability in Valve Counter-Strike 8684 allows a client (with remote control access to a game server) to read arbitrary files from the underlying server via the motdfile console variable.

Learn more about our Cis Benchmark Audit For Server Software.