Imperian News

Imperian Game News

Announce News Post #3923

Recent Lag

Written by: Eoghan
Date: Monday, December 2nd, 2019
Addressed to: Everyone

Last night, while investigating lag occurring across all IRE games, we discovered an unmitigated SQL injection vulnerability in the gamefeed processing on the games' websites, which was being actively used by an attacker. In an abundance of caution, we disabled the gamefeed functionality across all games and sinkholed the vulnerable API endpoint. We have now fixed the faulting code and reenabled the gamefeed.

We are still investigating the full impact of the vulnerability, but at this time it does not appear any customer data was accessed. It appears to have been a blind attack that didn't get beyond an attempt to identify access limitations, so no critical information was accessed whatsoever.

Special thanks to Razmael of Aetolia for identifying the initial impact, and Phaestus of Achaea and Eoghan of Imperian for identifying the SQLi and creating a mitigation.

Penned by my hand on the 18th of Tenebrae, in the year 209 AM.

Previous | Summary | Next

Text PRG | PvP Game | Fantasy World

2021 and Beyond

By Skuf | Dec 29, 2021

Hello Imperian! Another year passes! A few months from now will mark my second year on Aetherius. Time sure flies! However, the vast majority of this wouldn’t happen without our wonderful team of volunteers. Kiandre and Valethar have been with me since last year, and are instrumental with the work they have done for the…

Sep 2 2021

World Map by Eryx

By Jeremy Saunders | Sep 2, 2021

Check out this world map created by Eryx. Click here for a full-size version.

Dec 31 2020

Onward to 2021

By Skuf | Dec 31, 2020

Hi folks! This year has been a challenge on many of us, and I can only hope the next year goes by more smoothly. Having said that, we have reached the end of 2020, woo! This was my first not-quite-a-year on Imperian, and it has been a whole learning experience. It has been a bit…