EIP-2026-103235

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-103235. PoCs published by hkvig.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in Half-Life servers (versions <= 1.1.1.0, 3.1.1.1c1, and 4.1.1.1a) by sending a maliciously crafted UDP packet to execute arbitrary shellcode, resulting in remote code execution (RCE). The payload includes NOP sleds and shellcode to spawn a reverse shell.

Description

Valve Software Half-Life Server 1.1.1.0/3.1.1.1c1/4.1.1.1a - Multiplayer Request Buffer Overflow

Exploits (1)

exploitdb WORKING POC VERIFIED

by hkvig · cremotelinux

https://www.exploit-db.com/exploits/22968

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in Half-Life servers (versions <= 1.1.1.0, 3.1.1.1c1, and 4.1.1.1a) by sending a maliciously crafted UDP packet to execute arbitrary shellcode, resulting in remote code execution (RCE). The payload includes NOP sleds and shellcode to spawn a reverse shell.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Half-Life Server (Windows/Linux) <= 1.1.1.0, 3.1.1.1c1, 4.1.1.1a

No auth needed

Prerequisites: Network access to the target server on UDP port 27015 · Target server running a vulnerable version of Half-Life

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Valve Software Half-Life Server 1.1.1.0/3.1.1.1c1/4.1.1.1a - Multiplayer Request Buffer Overflow

Exploitation Summary

Description

Exploits (1)

Details