Home > Vulnerability Database > CVE-2025-58447

Mend.io Vulnerability Database

CVE-2025-58447

Good to know:

Date: September 9, 2025

rAthena is an open-source cross-platform massively multiplayer online role playing game (MMORPG) server. Versions prior to commit 2f5248b have a heap-based buffer overflow in the login server, remote attacker to overwrite adjacent session fields by sending a crafted "CA_SSO_LOGIN_REQ" with an oversized token length. This leads to immediate denial of service (crash) and it is possible to achieve remote code execution via heap corruption. Commit 2f5248b fixes the issue.

Severity Score

9.8

Related Resources (4)

Url: https://github.com/rathena/rathena/security/advisories/GHSA-4p33-6xqr-cm6x

Url: https://github.com/rathena/rathena/commit/2f5248b9cd9a8c6b42422ddecfc4cc2cd0e69e4b

Url: https://nvd.nist.gov/vuln/detail/CVE-2025-58447

Url: https://www.mend.io/vulnerability-database/CVE-2025-58447

Severity Score

9.8

Weakness Type (CWE)

Heap-based Buffer Overflow

CWE-122

CVSS v3.1

Base Score:	9.8
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2025-58447

Good to know:

Date: September 9, 2025

Severity Score

Related Resources (4)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?