RomM vulnerable to Authenticated Path Traversal_CVE-2025-53908

8.3 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N

Description

RomM is a self-hosted rom manager and player. Versions prior to 3.10.3 and 4.0.0-beta.3 have an authenticated path traversal vulnerability in the `/api/raw` endpoint. Anyone running the latest version of RomM and has multiple users, even unprivileged users, such as the kiosk user in the official implementation, may be affected. This allows the leakage of passwords and users that may be stored on the system. Versions 3.10.3 and 4.0.0-beta.3 contain a patch.

Basic Information

ID CVE-2025-53908

Source GitHub_M

Published Jul 16, 2025 at 19:55

Modified Jul 18, 2025 at 14:21

Affected Product

Vendor rommapp

Product romm

Version < 3.10.3

Affected Versions rommapp romm < 3.10.3
rommapp romm < 4.0.0-beta.3

CWE Classification

CWE-26

References

{
    "lastseen": "",
    "description": "RomM is a self-hosted rom manager and player. Versions prior to 3.10.3 and 4.0.0-beta.3 have an authenticated path traversal vulnerability in the `/api/raw` endpoint. Anyone running the latest version of RomM and has multiple users, even unprivileged users, such as the kiosk user in the official implementation, may be affected. This allows the leakage of passwords and users that may be stored on the system. Versions 3.10.3 and 4.0.0-beta.3 contain a patch.",
    "published": "2025-07-16T19:55:15.844Z",
    "modified": "2025-07-18T14:21:44.885Z",
    "type": "cve",
    "title": "RomM vulnerable to Authenticated Path Traversal",
    "source": "GitHub_M",
    "references": "https://github.com/rommapp/romm/security/advisories/GHSA-fx9g-xw4j-jwc3\nhttps://github.com/rommapp/romm/commit/7c94cb05e74ddb6a6af7b82320686c01754e9966\nhttps://github.com/rommapp/romm/commit/baa1a9759079c36e36a9f10c920c46b57d0b6151\nhttps://github.com/rommapp/romm/blob/4.0.0-beta.2/backend/endpoints/raw.py#L31",
    "id": "CVE-2025-53908",
    "bulletinFamily": "",
    "cwe": [
        "CWE-26"
    ],
    "cvelist": null,
    "sourceData": "rommapp romm < 3.10.3\nrommapp romm < 4.0.0-beta.3",
    "sourceHref": "",
    "cvss": {
        "score": 8.3,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "romm",
    "version": "< 3.10.3",
    "vendor": "rommapp",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}