CVE-2025-6795: CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Marvell QConvergeConsole
Marvell QConvergeConsole getFileUploadSize Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Marvell QConvergeConsole. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the getFileUploadSize method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of SYSTEM. Was ZDI-CAN-24914.
AI Analysis
Technical Summary
CVE-2025-6795 is a medium-severity security vulnerability classified under CWE-22 (Improper Limitation of a Pathname to a Restricted Directory, commonly known as Path Traversal) affecting Marvell's QConvergeConsole product, specifically version 5.5.0.78. The vulnerability resides in the getFileUploadSize method, which fails to properly validate user-supplied file paths before performing file operations. This flaw allows a remote attacker to craft malicious requests that traverse directories outside the intended scope, enabling unauthorized disclosure of sensitive information. Notably, exploitation does not require authentication or user interaction, and the attacker can access information with SYSTEM-level privileges, significantly increasing the potential impact. The vulnerability was publicly disclosed on July 7, 2025, and has a CVSS v3.0 base score of 5.3, indicating a medium severity level. Although no known exploits are currently observed in the wild and no official patches have been linked yet, the risk remains due to the ease of exploitation and the high privilege context in which the information disclosure occurs. The vulnerability was assigned by the Zero Day Initiative (ZDI) under the identifier ZDI-CAN-24914. The path traversal issue could allow attackers to read arbitrary files on the affected system, potentially exposing configuration files, credentials, or other sensitive data critical to the security posture of the affected environment.
Potential Impact
For European organizations using Marvell QConvergeConsole 5.5.0.78, this vulnerability poses a significant risk of sensitive information disclosure without requiring any authentication. The ability to access files with SYSTEM privileges means attackers could obtain highly sensitive data such as system configurations, credentials, or proprietary information. This could lead to further compromise, including lateral movement within networks or escalation to more severe attacks. Given that QConvergeConsole is a network management tool often used in enterprise environments to manage network infrastructure, the exposure of sensitive operational data could disrupt business continuity and undermine trust. Additionally, organizations subject to strict data protection regulations such as GDPR could face compliance risks if personal or sensitive data is disclosed. The lack of authentication requirement lowers the barrier for attackers, increasing the likelihood of exploitation, especially in environments where the product is exposed to untrusted networks or the internet. Although no active exploits are reported yet, the vulnerability’s characteristics warrant proactive mitigation to prevent potential data breaches and operational impacts.
Mitigation Recommendations
1. Immediate network-level controls: Restrict access to the QConvergeConsole management interface to trusted internal networks only, using firewalls or network segmentation to prevent exposure to untrusted or public networks.
2. Monitor and log all access attempts to the QConvergeConsole interface, focusing on anomalous or unexpected file path requests that may indicate exploitation attempts.
3. Implement strict input validation and filtering at the application or proxy level if possible, to detect and block path traversal patterns in incoming requests.
4. Apply the principle of least privilege to the service account running QConvergeConsole, limiting filesystem access to only the necessary directories to reduce the impact of potential exploitation.
5. Stay updated with Marvell’s security advisories and apply official patches or updates as soon as they become available.
6. Conduct internal vulnerability scans and penetration tests targeting QConvergeConsole to identify and remediate any exposure.
7. Educate IT and security teams about this vulnerability to ensure rapid detection and response to any suspicious activity related to the product.
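As an added example in Python (not Marvell's code; the product's real endpoint path, request format and parameter name are not given here, so the `/upload/getFileUploadSize` target and `file` parameter in the sample log are hypothetical), this shows the containment check that recommendation 3 describes and that the advisory says getFileUploadSize lacks, alongside a log filter for the traversal patterns recommendation 2 says to watch for:

```python
import re
import tempfile
from pathlib import Path
from urllib.parse import unquote

# Constructed upload directory standing in for the server's real one,
# holding one legitimate file whose size a caller may ask for.
UPLOAD_DIR = Path(tempfile.mkdtemp(prefix="uploads_")).resolve()
(UPLOAD_DIR / "firmware.bin").write_bytes(b"\x00" * 1024)

def safe_upload_size(user_path: str, base_dir: Path = UPLOAD_DIR) -> int:
    """Size of a file under base_dir; PermissionError if user_path escapes.

    The value is joined to the base and fully resolved (symlinks included)
    before the containment test, so '..' segments, absolute paths and
    symlink hops cannot select a file outside base_dir."""
    candidate = (base_dir / user_path).resolve()
    try:
        candidate.relative_to(base_dir)  # ValueError when not under base_dir
    except ValueError:
        raise PermissionError(f"path escapes upload dir: {user_path!r}") from None
    return candidate.stat().st_size

# A '..' path segment in either slash style, matched after URL-decoding.
TRAVERSAL = re.compile(r"(^|[\\/])\.\.([\\/]|$)")

def flags_traversal(request_target: str) -> bool:
    """True if the request target carries a '..' segment; decoding twice
    catches both %2e%2e%2f and double-encoded %252e%252e%252f forms."""
    return bool(TRAVERSAL.search(unquote(unquote(request_target))))

def suspicious_requests(log_lines):
    """Return the access-log lines whose request target flags traversal."""
    hits = []
    for line in log_lines:
        quoted = line.split('"')            # request line sits between quotes
        fields = quoted[1].split() if len(quoted) > 1 else []
        if len(fields) > 1 and flags_traversal(fields[1]):
            hits.append(line)
    return hits

# Constructed access-log lines; the endpoint path and 'file' parameter are
# hypothetical, not the product's real request format.
SAMPLE_LOG = [
    '10.0.0.5 - - [07/Jul/2025:14:54:24 +0000] "POST /upload/getFileUploadSize?file=report.xml HTTP/1.1" 200 17',
    '10.0.0.9 - - [07/Jul/2025:14:55:01 +0000] "POST /upload/getFileUploadSize?file=..%2F..%2Foutside.txt HTTP/1.1" 200 17',
    '10.0.0.5 - - [07/Jul/2025:14:55:30 +0000] "GET /upload/status HTTP/1.1" 200 5',
]
```

Resolving before checking matters: a check on the raw string would be fooled by encoded or symlinked variants, whereas the resolved-path containment test rejects anything whose final target lies outside the upload directory.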
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain
Technical Details
- Data Version: 5.1
- Assigner Short Name: zdi
- Date Reserved: 2025-06-27T14:57:21.550Z
- CVSS Version: 3.0
- State: PUBLISHED
Threat ID: 686bdfa06f40f0eb72ea12a9
Added to database: 7/7/2025, 2:54:24 PM
Last enriched: 7/7/2025, 3:13:48 PM
Last updated: 8/13/2025, 9:48:19 AM