Home > Vulnerability Database > CVE-2025-9784

Mend.io Vulnerability Database

CVE-2025-9784

Date: September 2, 2025

A security flaw has been discovered in Display Painéis TGA up to 7.1.41. Affected by this issue is some unknown functionality of the file /gallery/rename of the component Galeria Page. The manipulation of the argument current_folder results in path traversal. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure but did not respond in any way.

Severity Score

5.3

Related Resources (11)

Url: https://github.com/lfparizzi/CVE-TGA-7.1.41/tree/main

Url: https://issues.redhat.com/browse/UNDERTOW-2598

Url: https://github.com/undertow-io/undertow/pull/1778

Url: https://vuldb.com/?id.323545

Url: https://access.redhat.com/security/cve/CVE-2025-9784

Url: https://vuldb.com/?ctiid.323545

Url: https://github.com/undertow-io/undertow

Url: https://nvd.nist.gov/vuln/detail/CVE-2025-9784

Url: https://vuldb.com/?submit.642068

Url: https://bugzilla.redhat.com/show_bug.cgi?id=2392306

Url: https://www.mend.io/vulnerability-database/CVE-2025-9784

Severity Score

5.3

Weakness Type (CWE)

Improper Resource Shutdown or Release

CWE-404

Allocation of Resources Without Limits or Throttling

CWE-770

CVSS v3.1

Base Score:	5.3
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	NONE
Availability (A):	NONE

Mend.io Vulnerability Database

We found results for “”

CVE-2025-9784

Date: September 2, 2025

Severity Score

Related Resources (11)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?