MultiTheftAuto 0.5 patch 1 and earlier does not properly verify client privileges when running command 40, which allows remote attackers to change or delete the message of the day (motd.txt).
7.3AI Score
0.052EPSS
MultiTheftAuto 0.5 patch 1 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted command 40 that causes a -1 length to be used and triggers an out-of-bounds read.
7AI Score
0.012EPSS