[security vulnerability] unencrypted server link leave game vulnerable to cyber attack

You found a bug? Post it here!
Post Reply
sergei45
Posts: 22
Joined: Sat Oct 29, 2022 4:28 pm

[security vulnerability] unencrypted server link leave game vulnerable to cyber attack

Post by sergei45 » Wed Nov 30, 2022 10:26 am

OV Account name: the one you were playing when you encountered the bug:sergei45
Time of bug: if possible, use /time in game and report server time when you noticed the bug, otherwise "same time as post" or similar is still very helpful: now
Where: (where is the bug): dekstop version of omv all plaform
What: (what happened): exposed ip/server link of game and config from unsecure or not protected of game source code on desktop version of game.
Why: (Why do you think this is a bug): exposed server ip leave game system vulnerable to various attack such as ddos attack or mass scan in attempt to gain acces to game data, potentially data breach
Other comments: (add any other information you think is relevant): this not bug rather security vulnerable that leave game system and data in ticking clock if not secure immediately. Although chance of attack are low for small indie game but with the raise of database breach and ransomware attack better fix than sorry.

For example: cheater who get caught and angry can order small ddos attack package that can strain developer resources and time.

Post Reply

Who is online

Users browsing this forum: No registered users and 0 guests