CVE-2025-58750
8.2
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
Summary
rAthena is an open-source cross-platform massively multiplayer online role playing game (MMORPG) server. Versions prior to commit 0cc348b are missing a bound check in chclif_parse_moveCharSlot that can result in reading and writing out of bounds using input from the user. The problem has been fixed in commit 0cc348b.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| rathena | rathena | < 0cc348b | affected |
Weaknesses
- CWE-119: CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
- CWE-125: CWE-125: Out-of-bounds Read
- CWE-787: CWE-787: Out-of-bounds Write
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: yes
- Technical Impact: partial
References
- https://github.com/rathena/rathena/security/advisories/GHSA-pjh7-jgr8-4ff6
- https://github.com/rathena/rathena/commit/0cc348b186bbcc3c604c17c39589a319f27d469b
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.