
CVE-2025-6534: Improper Control of Resource Identifiers in xxyopen novel-plus

Severity: Low
Published: Tue Jun 24 2025 (06/24/2025, 00:31:05 UTC)
Source: CVE Database V5
Vendor/Project: xxyopen
Product: novel-plus

Description

A vulnerability classified as problematic was found in xxyopen/201206030 novel-plus up to version 5.1.3. It affects the function remove of the file novel-admin/src/main/java/com/java2nb/common/controller/FileController.java in the File Handler component. The manipulation leads to improper control of resource identifiers. The attack can be initiated remotely. Attack complexity is rated as high and exploitation is considered difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

AI-Powered Analysis

Last updated: 06/24/2025, 00:54:43 UTC

Technical Analysis

CVE-2025-6534 is a vulnerability identified in the xxyopen novel-plus software, specifically affecting versions 5.1.0 through 5.1.3. The flaw resides in the 'remove' function within the FileController.java component of the File Handler module. The vulnerability is characterized as improper control of resource identifiers: the application does not adequately validate or restrict the identifiers used to reference resources such as files. Because the identifier is not constrained, an attacker could potentially manipulate it to perform unauthorized actions, such as deleting or accessing files that should be protected.

The vulnerability can be exploited remotely without user interaction, but the attack complexity is rated as high and exploitability is considered difficult, indicating that a skilled attacker with specific knowledge and conditions would be required to successfully leverage this flaw. The CVSS 4.0 base score is 2.3, which classifies it as a low-severity issue. The vector indicates a network attack vector (AV:N), high attack complexity (AC:H), low privileges required (PR:L), no user interaction (UI:N), no confidentiality impact and limited integrity and availability impact (VC:N, VI:L, VA:L).

The vendor has been contacted but has not responded or issued a patch, and no known exploits are currently observed in the wild. The disclosure is public, which could increase the risk over time if a reliable exploit is developed. The affected component is a Java-based file controller, which is likely used to manage file operations within the novel-plus application, a product by xxyopen. Given the nature of the vulnerability, it primarily threatens unauthorized file manipulation, potentially leading to data loss or unauthorized data exposure if exploited successfully.
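The control that "improper control of resource identifiers" refers to is shown below in a small Java handler. This is an added, hypothetical example written for this page; it is not the novel-plus FileController code, which is not reproduced here. It assumes that every user-deletable file lives directly under one fixed base directory and is referenced by a bare file name, so the handler allow-lists the name and then confines the resolved path to that directory before deleting anything. The weak form is included only to show which check the hardened form adds.

```java
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.Path;
import java.util.regex.Pattern;

/**
 * Hypothetical file-removal handler (not the novel-plus code) illustrating
 * control of a client-supplied resource identifier.
 */
public class SafeFileRemove {

    // Assumption: deletable files have short, plain names directly under the
    // base directory. Path separators, dot-only names and absolute paths never
    // match this pattern, so they are rejected before any filesystem access.
    private static final Pattern ALLOWED_NAME =
            Pattern.compile("[A-Za-z0-9_-]{1,64}(\\.[A-Za-z0-9]{1,8})?");

    /** Weak form: the request parameter is used as the file reference verbatim. */
    public static boolean weakRemove(Path base, String fileName) throws IOException {
        // resolve() returns fileName itself when it is absolute, and "../"
        // segments are honoured, so the caller decides which file is deleted.
        return Files.deleteIfExists(base.resolve(fileName));
    }

    /** Hardened form: allow-list the identifier, then confine it to the base directory. */
    public static boolean safeRemove(Path base, String fileName) throws IOException {
        if (fileName == null || !ALLOWED_NAME.matcher(fileName).matches()) {
            throw new IllegalArgumentException("identifier rejected by allow-list: " + fileName);
        }
        Path root = base.toRealPath();                    // canonical base, symlinks resolved
        Path target = root.resolve(fileName).normalize();
        // Defence in depth: even if the pattern were loosened later, the target
        // must still be a direct child of the canonical base directory.
        if (!root.equals(target.getParent())) {
            throw new IllegalArgumentException("identifier escapes base directory: " + fileName);
        }
        // NOFOLLOW_LINKS: a symbolic link planted in the directory is not a
        // regular file, so it is not treated as a deletable document.
        if (!Files.isRegularFile(target, LinkOption.NOFOLLOW_LINKS)) {
            return false;                                 // nothing to delete
        }
        return Files.deleteIfExists(target);
    }

    /** Demonstration on constructed input in a temporary directory. */
    public static void main(String[] args) throws IOException {
        Path base = Files.createTempDirectory("novel-files");
        Path doc = Files.createFile(base.resolve("chapter1.txt"));

        System.out.println("safeRemove(chapter1.txt) -> " + safeRemove(base, "chapter1.txt"));
        System.out.println("chapter1.txt still exists? " + Files.exists(doc));

        // Constructed identifiers that must all be refused without touching the filesystem.
        String[] invalid = { "../outside.txt", "/tmp/other.txt", "..", "a/b.txt", "" };
        for (String id : invalid) {
            try {
                safeRemove(base, id);
                System.out.println("UNEXPECTED: accepted " + id);
            } catch (IllegalArgumentException e) {
                System.out.println("rejected: " + e.getMessage());
            }
        }
        Files.delete(base);
    }
}
```

Run with `javac SafeFileRemove.java && java SafeFileRemove`. The allow-list regex does most of the work; the canonical-parent check is kept so that the confinement does not depend on a single regular expression staying strict over time.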

Potential Impact

For European organizations using xxyopen novel-plus versions 5.1.0 to 5.1.3, this vulnerability poses a risk of unauthorized file deletion or manipulation, which could disrupt business operations or lead to partial data loss. Although the severity is low and exploitation is difficult, the lack of vendor response and patch availability increases the risk profile over time. Organizations relying on novel-plus for critical document or content management may face integrity and availability issues if an attacker manages to exploit this flaw. The vector records no confidentiality impact, which reduces the risk of sensitive data leakage, but the potential for file removal could affect service continuity. Since the attack can be initiated remotely without user interaction, exposed instances accessible over the internet or untrusted networks are at higher risk. European entities in sectors such as publishing, education, or digital content management that deploy novel-plus might experience operational disruptions. However, the overall impact is mitigated by the high attack complexity and the low CVSS score.

Mitigation Recommendations

Given the absence of an official patch from the vendor, European organizations should implement compensating controls to mitigate this vulnerability:

1. Restrict network access to the novel-plus application, ensuring it is not exposed to untrusted networks or the internet. Use network segmentation and firewall rules to limit access to trusted internal users only.
2. Implement strict access controls and monitoring at the file system level to detect and prevent unauthorized file deletions or modifications, including the use of file integrity monitoring tools.
3. Conduct regular audits of application logs and file system changes to identify suspicious activity related to file removal operations.
4. Consider deploying a Web Application Firewall (WAF) with custom rules to detect and block suspicious requests targeting the 'remove' function or unusual resource identifier patterns.
5. If feasible, upgrade to a later version of novel-plus once the vendor releases a patch, or consider alternative software solutions with active security support.
6. Maintain an incident response plan to quickly address any exploitation attempts, and ensure backups are current and tested to recover from potential data loss.


Technical Details

Data Version: 5.1
Assigner Short Name: VulDB
Date Reserved: 2025-06-23T14:32:27.054Z
CVSS Version: 4.0
State: PUBLISHED

Threat ID: 6859f3d7dec26fc862d8bdf9

Added to database: 6/24/2025, 12:39:51 AM

Last enriched: 6/24/2025, 12:54:43 AM

Last updated: 6/24/2025, 12:54:43 AM

Views: 1
