23 matches found
CVE-2022-23627
ArchiSteamFarm ASF is a C application with primary purpose of idling Steam cards from multiple accounts simultaneously. Due to a bug in ASF code, introduced in version V5.2.2.2, the program didn't adequately verify effective access of the user sending proxy i.e. Bots commands. In particular, a...
EUVD-2021-19558
Malware in sbrugna...
EUVD-2022-28585
Malicious code in bioql PyPI...
CVE-2021-32795
ArchiSteamFarm is a C application with primary purpose of idling Steam cards from multiple accounts simultaneously. In versions prior to 4.3.1.0 a Denial of Service aka DoS vulnerability which allows attacker to remotely crash running ASF instance through sending a specifically-crafted Steam chat...
CVE-2021-32794
ArchiSteamFarm is a C application with primary purpose of idling Steam cards from multiple accounts simultaneously. Due to a bug in ASF code POST /Api/ASF ASF API endpoint responsible for updating global ASF config incorrectly removed IPCPassword from the resulting config when the caller did not...
CVE-2022-23627
ArchiSteamFarm ASF is a C application with primary purpose of idling Steam cards from multiple accounts simultaneously. Due to a bug in ASF code, introduced in version V5.2.2.2, the program didn't adequately verify effective access of the user sending proxy i.e. Bots commands. In particular, a...
Design/Logic Flaw
ArchiSteamFarm ASF is a C application with primary purpose of idling Steam cards from multiple accounts simultaneously. Due to a bug in ASF code, introduced in version V5.2.2.2, the program didn't adequately verify effective access of the user sending proxy i.e. Bots commands. In particular, a...
CVE-2022-23627
CVE-2022-23627 concerns ArchiSteamFarm (ASF). A bug in ASF v5.2.2.2 fails to properly verify the user’s access when issuing proxy commands between bots (A vs B), allowing access to resources beyond what was configured if an attacker already controls at least one bot in the process. The issue impa...
CVE-2022-23627 Inadequate access verification when using proxy commands in ArchiSteamFarm
ArchiSteamFarm ASF is a C application with primary purpose of idling Steam cards from multiple accounts simultaneously. Due to a bug in ASF code, introduced in version V5.2.2.2, the program didn't adequately verify effective access of the user sending proxy i.e. Bots commands. In particular, a...
CVE-2022-23627 Inadequate access verification when using proxy commands in ArchiSteamFarm
ArchiSteamFarm ASF is a C application with primary purpose of idling Steam cards from multiple accounts simultaneously. Due to a bug in ASF code, introduced in version V5.2.2.2, the program didn't adequately verify effective access of the user sending proxy i.e. Bots commands. In particular, a...
CVE-2022-23627 Inadequate access verification when using proxy commands in ArchiSteamFarm
ArchiSteamFarm ASF is a C application with primary purpose of idling Steam cards from multiple accounts simultaneously. Due to a bug in ASF code, introduced in version V5.2.2.2, the program didn't adequately verify effective access of the user sending proxy i.e. Bots commands. In particular, a...
ArchiSteamFarm 访问控制错误漏洞
ArchiSteamFarm is a C application whose main purpose is to idle Steam cards from multiple accounts simultaneously. An Access Control Error vulnerability exists in ArchiSteamFarm that stems from the product not adequately validating the sending agent. An attacker could use this vulnerability to...
CVE-2021-32795
ArchiSteamFarm is a C application with primary purpose of idling Steam cards from multiple accounts simultaneously. In versions prior to 4.3.1.0 a Denial of Service aka DoS vulnerability which allows attacker to remotely crash running ASF instance through sending a specifically-crafted Steam chat...
CVE-2021-32795
ArchiSteamFarm is a C application with primary purpose of idling Steam cards from multiple accounts simultaneously. In versions prior to 4.3.1.0 a Denial of Service aka DoS vulnerability which allows attacker to remotely crash running ASF instance through sending a specifically-crafted Steam chat...
Code injection
ArchiSteamFarm is a C application with primary purpose of idling Steam cards from multiple accounts simultaneously. In versions prior to 4.3.1.0 a Denial of Service aka DoS vulnerability which allows attacker to remotely crash running ASF instance through sending a specifically-crafted Steam chat...
CVE-2021-32795
ArchiSteamFarm (ASF) is affected by CVE-2021-32795, a DoS that allows a remote attacker to crash a v4.x ASF instance by sending a specially crafted Steam chat message. The attacker does not need authentication and must know ASF’s CommandPrefix; many deployments use the default. The issue is fixed...
CVE-2021-32795 Denial of Service via Steam chat in ArchiSteamFarm
ArchiSteamFarm is a C application with primary purpose of idling Steam cards from multiple accounts simultaneously. In versions prior to 4.3.1.0 a Denial of Service aka DoS vulnerability which allows attacker to remotely crash running ASF instance through sending a specifically-crafted Steam chat...
CVE-2021-32794
ArchiSteamFarm is a C application with primary purpose of idling Steam cards from multiple accounts simultaneously. Due to a bug in ASF code POST /Api/ASF ASF API endpoint responsible for updating global ASF config incorrectly removed IPCPassword from the resulting config when the caller did not...
CVE-2021-32794
ArchiSteamFarm is a C application with primary purpose of idling Steam cards from multiple accounts simultaneously. Due to a bug in ASF code POST /Api/ASF ASF API endpoint responsible for updating global ASF config incorrectly removed IPCPassword from the resulting config when the caller did not...
Design/Logic Flaw
ArchiSteamFarm is a C application with primary purpose of idling Steam cards from multiple accounts simultaneously. Due to a bug in ASF code POST /Api/ASF ASF API endpoint responsible for updating global ASF config incorrectly removed IPCPassword from the resulting config when the caller did not...