Vulnerabilities (CVE)

Filtered by vendor Id Software Subscribe
Filtered by product Quake 2i Server
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2002-0770 1 Id Software 1 Quake 2i Server 2023-12-10 5.0 MEDIUM N/A
Quake 2 (Q2) server 3.20 and 3.21 allows remote attackers to obtain sensitive server cvar variables, obtain directory listings, and execute Q2 server admin commands via a client that does not expand "$" macros, which causes the server to expand the macros and leak the information, as demonstrated using "say $rcon_password."