CVE-2025-54071 RomM's authenticated arbitrary file write vulnerability can lead to Remote Code Execution

RomM ROM Manager allows users to scan, enrich, browse and play their game collections with a clean and responsive interface. In versions 4.0.0-beta.3 and below, an authenticated arbitrary file write vulnerability exists in the /api/saves endpoint. This can lead to Remote Code Execution on the...

PT-2025-30340 · Romm · Romm

Name of the Vulnerable Software and Affected Versions: RomM versions 4.0.0-beta.3 and below Description: RomM is a tool that allows users to manage their game collections. An authenticated arbitrary file write issue exists in the /api/saves endpoint. This can lead to Remote Code Execution. The...