diff --git a/src/d_netcmd.c b/src/d_netcmd.c
index 1bff0dd8f..532552982 100644
--- a/src/d_netcmd.c
+++ b/src/d_netcmd.c
@@ -2450,6 +2450,14 @@ static void Got_WeaponPref(UINT8 **cp,INT32 playernum)
 	}
 	UINT8 kartspeedrestat = READUINT8(*cp);
 	UINT8 kartweightrestat = READUINT8(*cp);
+	if (kartspeedrestat < 0 || kartspeedrestat > 9 ||
+		kartweightrestat < 0 || kartweightrestat > 9)
+	{
+		CONS_Alert(CONS_WARNING, M_GetText("Illegal restat values received from %s\n"), player_names[playernum]);
+		if (server)
+			SendKick(playernum, KICK_MSG_CON_FAIL);
+		return;
+	}
 	player->kartspeedrestat = kartspeedrestat;
 	player->kartweightrestat = kartweightrestat;