Vulnerability in World of Warships replays allows remote code execution
A vulnerability in the World of Warships game replay tool allows remote code execution. Publisher Wargaming warns players against opening replays from unknown sources.
A vulnerability has been discovered in the replay feature in the World of Warships client that would allow hackers to execute code when the replay is opened. wargaming warns players on the World of Warships website to not open replay files they get from strangers.
The vulnerability is in version 0.11.4 of the World of Warships client. This allows players to open the replay XML files. It only seems to be about World of Warships. No warning has been issued for the World of Tanks and World of Warplanes. Wargaming has indicated that it is working on a solution.