Valve - HackerOne Reports
Total Reports: 82
Critical: 25
High: 24
Medium: 27
Low: 6
Add apps to packages 0, 61, 62 with /store/ajaxpackagemerge
Reported by: lolcanyouexplainagainpleaselol | Disclosed:
Severity: High
Weakness: Improper Access Control - Generic
[help.steampowered.com] Account takeover bruteforcing SteamGuard
Reported by: natetheriver | Disclosed:
Severity: High
Weakness: Business Logic Errors
Bounty: $2500.00
Add any depot to your app and access its contents without decryption key; via /apps/setcommonredists
Reported by: lolcanyouexplainagainpleaselol | Disclosed:
Severity: High
Weakness: Improper Access Control - Generic
RCE on Steam Client via buffer overflow in Server Info
Reported by: vinnievan | Disclosed:
Severity: Critical
Weakness: Classic Buffer Overflow
[steam client] Opening a specific steam:// url overwrites files at an arbitrary location
Reported by: kbeckmann | Disclosed:
Severity: Medium
Weakness: Write-what-where Condition
Bounty: $750.00
[GoldSrc] Remote Code Execution using malicious WAD list in BSP file
Reported by: nyancat0131 | Disclosed:
Severity: Critical
Weakness: Stack Overflow
Bounty: $750.00
SQL injection in /errors/viewbuild/
Reported by: lolcanyouexplainagainpleaselol | Disclosed:
Severity: Critical
Weakness: SQL Injection
/applications/dpc_(get|post) provide full access to api.steampowered.com with the Dota2 API key
Reported by: lolcanyouexplainagainpleaselol | Disclosed:
Severity: High
Weakness: Server-Side Request Forgery (SSRF)
XSS in steam react chat client
Reported by: zemnmez | Disclosed:
Severity: Critical
Weakness: Cross-site Scripting (XSS) - Stored
Bounty: $7500.00
unlock self-lock by brute force
Reported by: manshum12 | Disclosed:
Severity: Medium
Weakness: Improper Restriction of Authentication Attempts
Bounty: $900.00
Privilege Escalation vulnerability in steam's Remote Play feature leads to arbitrary kernel-mode driver installation
Reported by: hydraskyteam | Disclosed:
Severity: Medium
Weakness: Privilege Escalation
code injection, steam chat client
Reported by: zemnmez | Disclosed:
Severity: Medium
Weakness: Code Injection
Bounty: $750.00
Steam Deck Single Click Root Remote Code Execution
Reported by: g1a55er | Disclosed:
Severity: High
Bounty: $750.00
Steam chat - trade offer presentation vulnerability
Reported by: hackerontwowheels | Disclosed:
Severity: Medium
Weakness: Business Logic Errors
[Portal 2] Remote Code Execution via voice packets
Reported by: gamer7112 | Disclosed:
Severity: Critical
Weakness: Classic Buffer Overflow
Bounty: $5000.00
Reflected XSS in www.dota2.com
Reported by: jr0ch17 | Disclosed:
Severity: Medium
Weakness: Cross-site Scripting (XSS) - Reflected
Bounty: $350.00
Read Access to all comments on unauthorized forums' discussions! IDOR!
Reported by: ta8ahi | Disclosed:
Severity: Medium
Weakness: Insecure Direct Object Reference (IDOR)
Bounty: $500.00
Malformed .BMP file in Counter-Strike 1.6 may cause shellcode injection
Reported by: kohtep2010 | Disclosed:
Severity: High
Weakness: Classic Buffer Overflow
Bounty: $2000.00
GoldSrc: Buffer Overflow in DELTA_ParseDelta function leads to RCE
Reported by: pixelindigo | Disclosed:
Severity: Critical
Weakness: Stack Overflow
Bounty: $3000.00
ImageMagick GIF coder vulnerability leading to memory disclosure
Reported by: alyssa_herrera | Disclosed:
Severity: Medium
Weakness: Information Disclosure