Description

rAthena is an open-source cross-platform massively multiplayer online role playing game (MMORPG) server. Versions prior to commit 2f5248b have a heap-based buffer overflow in the login server, remote attacker to overwrite adjacent session fields by sending a crafted `CA_SSO_LOGIN_REQ` with an oversized token length. This leads to immediate denial of service (crash) and it is possible to achieve remote code execution via heap corruption. Commit 2f5248b fixes the issue.

INFO

Published Date :

2025-09-09T22:11:03.376Z

Last Modified :

2025-09-10T19:30:07.516Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2025-58447 vulnerability.

Vendors Products
Rathena
  • Rathena
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-58447.

URL Resource
https://github.com/rathena/rathena/commit/2f5248b9cd9a8c6b42422ddecfc4cc2cd0e69e4b cve-icon cve-icon
https://github.com/rathena/rathena/security/advisories/GHSA-4p33-6xqr-cm6x cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact