CVE-2025-53908 | rommapp romm up to 3.10.2/4.0.0-beta2 /api/raw path traversal (GHSA-fx9g-xw4j-jwc3)

A vulnerability, which was classified as problematic, has been found in rommapp romm up to 3.10.2/4.0.0-beta2. Affected by this issue is some unknown functionality of the file /api/raw. The manipulation leads to path traversal: ‘/dir/../filename’.

This vulnerability is handled as CVE-2025-53908. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More