CNNVD-202509-1134 Information

CNNVD ID

CNNVD-202509-1134

Related CVE

CVE-2025-58448

• CNNVD Published: 2025-09-09

Description (Chinese)

rAthena是rAthena开源的一个跨平台MMORPG服务器。 rAthena 0d89ae0之前版本存在SQL注入漏洞，该漏洞源于WorldName参数存在SQL注入。

Description (English)

rAthena is a cross-platform MMORPG server from rAthena open source. The pre-RAthena 0d89ae0 version has an SQL injection loophole, which stems from the SQL injection of the WorldName parameter.

Hazard Level

Low

Vulnerability Type

SQL注入

Affected Vendor

rAthena

Published

2025-09-09

Last Modified

2026-02-24

References

https://github.com/rathena/rathena/security/advisories/GHSA-x99j-36m7-4vv7 https://github.com/rathena/rathena/commit/0d89ae071ff5e46e8dedcf45d060acec84b3abb5 https://access.redhat.com/security/cve/cve-2025-58448

Patch

https://rathena.org/board/files/