CVE-2025-53908: CWE-26: Path Traversal: '/dir/../filename' in rommapp romm

High
Tags: Vulnerability, CVE-2025-53908, cve, cwe-26
Published: Wed Jul 16 2025 (07/16/2025, 19:55:15 UTC)
Source: CVE Database V5
Vendor/Project: rommapp
Product: romm

Description

RomM is a self-hosted ROM manager and player. Versions prior to 3.10.3 and 4.0.0-beta.3 have an authenticated path traversal vulnerability in the `/api/raw` endpoint. Anyone running the latest version of RomM who has multiple users, even unprivileged ones such as the kiosk user in the official implementation, may be affected. This allows the leakage of passwords and users that may be stored on the system. Versions 3.10.3 and 4.0.0-beta.3 contain a patch.

AI-Powered Analysis

Last updated: 07/16/2025, 20:16:10 UTC

Technical Analysis

CVE-2025-53908 is a high-severity authenticated path traversal vulnerability affecting the RomM application, a self-hosted ROM manager and player. The vulnerability exists in versions prior to 3.10.3 and 4.0.0-beta.3 within the `/api/raw` endpoint. RomM allows multiple users, including unprivileged ones such as the kiosk user, to interact with the system. Due to insufficient validation of file path inputs, an attacker with authenticated access and at least limited privileges can exploit the path traversal flaw by submitting specially crafted requests containing sequences like '/dir/../filename'. This enables unauthorized access to files outside the intended directory scope. Critically, this can lead to leakage of sensitive data such as stored passwords and user information residing on the system. The vulnerability is rated with a CVSS 4.0 score of 8.3 (high), reflecting its network attack vector, low attack complexity, no user interaction, and partial privileges required. The scope is high, indicating that the vulnerability can affect resources beyond the initially compromised component. Although no known exploits are currently reported in the wild, the presence of sensitive data exposure and ease of exploitation under authenticated conditions make this a significant threat. The vendor has addressed the issue in versions 3.10.3 and 4.0.0-beta.3 by patching the path traversal flaw. Organizations running vulnerable versions should prioritize upgrading to these fixed releases to prevent potential data breaches and unauthorized access.

Potential Impact

For European organizations using RomM, this vulnerability poses a substantial risk to the confidentiality and integrity of sensitive data. Given RomM's role in managing ROM files and user credentials, exploitation could lead to unauthorized disclosure of passwords and user information, potentially enabling further lateral movement or privilege escalation within the affected environment. This is particularly concerning for organizations that deploy RomM in multi-user environments or on public-facing kiosks, where unprivileged users might be able to exploit the flaw. Data leakage incidents could result in regulatory non-compliance under GDPR, leading to legal penalties and reputational damage. Additionally, compromised credentials might facilitate broader attacks on internal systems. The network-based attack vector means that attackers do not need physical access, which increases the threat surface. Although exploitation requires authentication with at least limited privileges, the presence of low-privilege accounts such as the kiosk user means that the barrier to exploitation is relatively low. Therefore, European entities relying on RomM for digital asset management should treat this vulnerability as a critical security concern.

Mitigation Recommendations

1. Immediate upgrade to RomM versions 3.10.3 or 4.0.0-beta.3, which contain patches for this vulnerability, is the most effective mitigation.
2. Restrict access to the `/api/raw` endpoint to only trusted and necessary users, employing network segmentation and firewall rules to limit exposure.
3. Implement strict user privilege management, ensuring that unprivileged users have minimal access rights and cannot authenticate to sensitive API endpoints.
4. Conduct regular audits of user accounts and permissions within RomM to detect any unauthorized or anomalous access patterns.
5. Monitor application logs for unusual file access requests that include path traversal patterns such as '../'.
6. If upgrading immediately is not feasible, consider deploying web application firewalls (WAFs) with custom rules to detect and block path traversal attempts targeting the `/api/raw` endpoint.
7. Educate administrators and users about the risks of path traversal vulnerabilities and enforce strong authentication mechanisms to reduce the risk of credential compromise.
8. Review and secure storage of sensitive data within RomM to minimize impact if unauthorized access occurs.
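The two defender-side pieces this advisory points at, as an added example that is not RomM's own code or its actual patch: a containment check of the kind that closes a '/dir/../filename' traversal in a raw-file endpoint, and a scan of access-log lines for traversal indicators on requests to `/api/raw` (mitigation 5). The library root, the log format and the sample log lines are constructed assumptions.

```python
import os
import re
from typing import List, Optional, Tuple
from urllib.parse import unquote

# Constructed assumption: the directory a raw-file endpoint is meant to serve from.
# Hypothetical path; the page does not describe RomM's real layout.
LIBRARY_ROOT = "/srv/romm/library"

def resolve_within_root(requested: str, root: str = LIBRARY_ROOT) -> Optional[str]:
    """Return the absolute path for `requested` if it stays inside `root`, else None.
    Decoding and normalizing before the containment check is what defeats
    '/dir/../filename' inputs (CWE-26)."""
    decoded = unquote(unquote(requested))  # collapse single and double URL-encoding
    root_abs = os.path.abspath(root)
    # Join, then normalize so every '..' segment is collapsed before comparing.
    candidate = os.path.abspath(os.path.join(root_abs, decoded.lstrip("/")))
    # commonpath is the robust containment test: a plain startswith() would
    # wrongly accept a sibling such as '/srv/romm/library-old'.
    if os.path.commonpath([root_abs, candidate]) != root_abs:
        return None
    return candidate

# Traversal indicators for a log monitor, applied after one decode pass:
# '../' or '..\' in plain form, plus '%2e%2e' left over from double encoding.
TRAVERSAL_RE = re.compile(r"\.\.[\\/]|%2e%2e", re.IGNORECASE)
# Constructed log format: '<ip> <user> "GET <path> HTTP/1.x" <status>'
ACCESS_RE = re.compile(r'\S+ (\S+) "GET (\S+) HTTP/1\.[01]" (\d{3})')

def flag_traversal_requests(log_lines: List[str]) -> List[Tuple[str, str]]:
    """Return (user, path) for each line requesting /api/raw with a traversal
    indicator, decoding once so '..%2F' is caught alongside '../'."""
    hits = []
    for line in log_lines:
        m = ACCESS_RE.match(line)
        if not m:
            continue
        user, path, _status = m.groups()
        if path.startswith("/api/raw") and TRAVERSAL_RE.search(unquote(path)):
            hits.append((user, path))
    return hits

# Constructed sample access-log lines, not real RomM logs.
SAMPLE_LOG = [
    '10.0.0.5 kiosk "GET /api/raw/roms/game.zip HTTP/1.1" 200',
    '10.0.0.5 kiosk "GET /api/raw/roms/../../../etc/passwd HTTP/1.1" 200',
    '10.0.0.7 admin "GET /api/raw/roms/..%2F..%2Fconfig.yml HTTP/1.1" 200',
    '10.0.0.9 kiosk "GET /api/platforms/../secret HTTP/1.1" 404',
]
```

Running `flag_traversal_requests(SAMPLE_LOG)` flags the second and third lines only; the last line carries a traversal sequence but is not a `/api/raw` request, so a monitor scoped to this advisory leaves it alone.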

Technical Details

Data Version
5.1
Assigner Short Name
GitHub_M
Date Reserved
2025-07-11T19:05:23.827Z
Cvss Version
4.0
State
PUBLISHED

Threat ID: 68780519a83201eaacde16d8

Added to database: 7/16/2025, 8:01:29 PM

Last enriched: 7/16/2025, 8:16:10 PM

Last updated: 7/17/2025, 1:35:46 AM
