CVE-2025-10245 | Display Painéis TGA up to 7.1.41 Galeria Page /gallery/rename current_folder path traversal

A vulnerability was found in Display Painéis TGA up to 7.1.41 and classified as critical. Affected by this issue is some unknown functionality of the file /gallery/rename of the component Galeria Page. The manipulation of the argument current_folder results in path traversal.

This vulnerability is cataloged as CVE-2025-10245. The attack must originate from the local network. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-10245 | Display Painéis TGA up to 7.1.41 Galeria Page /gallery/rename current_folder path traversal

Post correlati

CVE-2024-56583 | Linux Kernel up to 6.6.65/6.12.4 migrate_enable Privilege Escalation

CVE-2024-47791 | Ruijie Reyee OS prior 2.320.x MQTT Broker wildcards or matching symbols (icsa-24-338-01)

CVE-2024-43746 | Adobe Experience Manager up to 6.5.21 Form Field cross site scripting (apsb24-69)

CVE-2025-26358 | Nozomi Q-Free MaxTime up to 2.11.0 HTTP ldbMT.so input validation