EIP-2026-116472

PRE-CVE

Valve Software Half-Life Dedicated Server 3.1/4.1 - Information Disclosure/Denial of Service

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-116472. PoCs published by 3APA3A.

AI-analyzed exploit summary This exploit demonstrates an information disclosure vulnerability in Half-Life dedicated server's download functionality, allowing unauthorized file downloads from the game's root or valve folder. The provided commands exploit the flaw to retrieve sensitive configuration files.

Description

Valve Software Half-Life Dedicated Server 3.1/4.1 - Information Disclosure/Denial of Service

Exploits (1)

exploitdb WORKING POC VERIFIED

by 3APA3A · textdoswindows

https://www.exploit-db.com/exploits/23388

View Code ZIP pw:eip

This exploit demonstrates an information disclosure vulnerability in Half-Life dedicated server's download functionality, allowing unauthorized file downloads from the game's root or valve folder. The provided commands exploit the flaw to retrieve sensitive configuration files.

Classification

Working Poc 90%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: Half-Life dedicated server

No auth needed

Prerequisites: Network access to the Half-Life dedicated server

MITRE ATT&CK

T1083 - File and Directory Discovery

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026