'%20x='0'%20y='0'%20height='100%25'%20width='100%25'%20%0A%20%20%20%20%20%20%20%20%20%20xlink%3Ahref='data:image/jpg;base64,/9j/2wBDAAYEBQYFBAYGBQYHBwYIChAKCgkJChQODwwQFxQYGBcUFhYaHSUfGhsjHBYWICwgIyYnKSopGR8tMC0oMCUoKSj/2wBDAQcHBwoIChMKChMoGhYaKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCj/wgARCAAGAAoDASIAAhEBAxEB/8QAFgABAQEAAAAAAAAAAAAAAAAAAAYH/8QAFAEBAAAAAAAAAAAAAAAAAAAABv/aAAwDAQACEAMQAAAAlNZALH//xAAfEAABBAICAwAAAAAAAAAAAAACAQMEBQARBxMUIuL/2gAIAQEAAT8A4etpt1XW0mdMcdlO2Pe8RAPuRD84XitkoFH2orpV3n//xAAZEQABBQAAAAAAAAAAAAAAAAAAAQMEBSH/2gAIAQIBAT8AscluIf/EABgRAAIDAAAAAAAAAAAAAAAAAAAEAQIh/9oACAEDAQE/AE9XpJ//2Q=='%3E%3C/image%3E%3C/svg%3E)
Counter-Strike 2 (CS2) is facing a massive security exploit that places some players at high risk. As it continues to struggle with in-game bugs and other issues, hackers have found another way to exploit the backend coding of the multiplayer shooter. Apparently, hackers can allegedly acquire details of all the IPs of players competing in the lobby.
A Redditor named “TryingToBeCool” first spotted this new loophole regarding the backend code of this shooter. He advised others not to play the game until the issue is patched, as it could seriously harm one's system. As CS2 faces such a vulnerability for the very first time, we dive into deeper details of the issue.
CS2 is facing a serious vulnerability that could harm one's PC
Trending
After a recent False VAC ban wave a couple of weeks ago, the game is facing another vulnerability where hackers can get players' IP addresses. The attackers use HTML code blocks as their Steam names by bypassing the character limits. This exploit allows the attackers to display unauthorized images or GIFs within the game, possibly executing some malicious code in the victim’s computer.
A recent X (formerly Twitter) post by a CS2 content creator named Ozzny shared numerous images concerning the vulnerability. In those images, it’s clearly visible that an attacker claimed to have all the IP addresses of players in their lobby with the assistance of an IP Logger. The attackers use an HTML image source code in their Steam names with images of their choice (mostly vulgar).
However, some experts, including an X user named “PirateSoftware,” stated that apart from getting the IPs, attackers can also use XSS, also known as Cross-site Scripting, to gain access to one's computer, private files, and network.
Furthermore, a few experts in this field have requested that other players not panic since the attackers can only get access to their IPs with this HTML code block.
Here are some steps to follow to avoid this vulnerability:
- Don’t receive a lobby invite from a player with an image or HTML code block.
- If an in-game vote is initiated with an embedded code, try not to respond by pressing any key.
For now, it’s recommended to avoid playing CS2 until Valve fixes the issue. However, in a recent X post, it was revealed that Valve is about to release an update: possibly a fix for the issue.
For more news related to CS2, stay tuned to Sportskeeda.
Obsessed with Crosswords, Wordle, and other word games? Take our quick survey and let us get to know you better!
