Third times a charm;
@the_secret_club
member mev showcases their remote code execution 0-day for CS:GO. This has been reported to Valve 5 months ago with no response from Valve.
Valve ignoring security researchers is not just specific to the secret club. Here we see Bien Pham demonstrate his Remote Code Execution exploit that has not been patched for over a year.
As you may know,
@the_secret_club
recently posted videos about Source Engine games RCE. I was also ignored by Valve for a year. Here's the demonstration of my report. RCE can be achieved by connecting to a malicious server, then the chain will be completed when game is restarted.
I've seen some people recently shared their *negative* experience with Valve bug bounty program. I have decided to share my frustration as well.
@the_secret_club
@floesen_