playlist.txt can be used to exploit a stack overflow vulnerability in
GameUI.dll that can lead to arbitrary code execution.
playlist.txt in game directory (
cstrike, etc.). The game will crash when it tries to play
The file can be sent from server with
precache_generic function (custom
mp.dll, amxx plugins, etc.). I don't know ant way to force reload the playlist, so for the exploit to trigger, the client must be restarted. In my opinion, it's still dangerous. And this method won't work if the client already had
playlist.txt in the game directory.
The attacker can use this to do many things, from crashing the client to stealing important data.