
CVE-2025-6801: CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Marvell QConvergeConsole

Severity: High
Published: Mon Jul 07 2025 (07/07/2025, 14:51:03 UTC)
Source: CVE Database V5
Vendor/Project: Marvell
Product: QConvergeConsole

Description

Marvell QConvergeConsole saveNICParamsToFile Directory Traversal Arbitrary File Write Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of Marvell QConvergeConsole. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the saveNICParamsToFile method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to write files in the context of SYSTEM. Was ZDI-CAN-24921.

AI-Powered Analysis

Last updated: 07/07/2025, 15:11:25 UTC

Technical Analysis

CVE-2025-6801 is a high-severity path traversal vulnerability affecting Marvell's QConvergeConsole product, specifically version 5.5.0.78. The flaw resides in the saveNICParamsToFile method, where insufficient validation of user-supplied file paths allows an unauthenticated remote attacker to perform arbitrary file writes on the affected system. This vulnerability enables attackers to write files with SYSTEM-level privileges, which is the highest privilege level on Windows systems, potentially allowing for full system compromise. The vulnerability is classified under CWE-22 (Improper Limitation of a Pathname to a Restricted Directory), indicating that the application fails to properly restrict file paths to safe directories. Exploitation does not require authentication or user interaction, and the attack vector is network-based, making it highly accessible to remote attackers. Although no known exploits are currently reported in the wild, the vulnerability's characteristics and high CVSS score (8.2) suggest it could be leveraged to disrupt system availability or facilitate further attacks such as privilege escalation or persistence. The lack of a patch at the time of publication increases the urgency for mitigation and monitoring.
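The missing validation described above, shown as an added example (not Marvell's code and not from the advisory): a naive join of a client-supplied file name beside a containment check using Windows path semantics. `BASE_DIR`, `naive_target`, `safe_target` and the sample inputs are hypothetical names and values constructed for illustration.

```python
import ntpath  # Windows path semantics, importable on any OS

# Hypothetical export directory; not a path taken from the product.
BASE_DIR = r"C:\ProgramData\ExampleConsole\nic_params"

class UnsafePath(ValueError):
    """Raised when a client-supplied file name would escape BASE_DIR."""

def naive_target(user_path):
    # Flawed pattern behind CWE-22: join the client value and use the result.
    return ntpath.normpath(ntpath.join(BASE_DIR, user_path))

def safe_target(user_path, base=BASE_DIR):
    # NUL bytes can truncate the name in lower layers; ':' covers drive
    # letters (D:\x) and NTFS alternate data streams (a.cfg:stream).
    if "\x00" in user_path or ":" in user_path:
        raise UnsafePath("forbidden character in path")
    base_norm = ntpath.normpath(base)
    # normpath folds '/' into '\' and collapses '.' and '..' lexically.
    candidate = ntpath.normpath(ntpath.join(base_norm, user_path))
    # Require a strict descendant of base; normcase makes the comparison
    # case-insensitive, and the trailing separator stops sibling matches
    # such as ...\nic_params_old.
    prefix = ntpath.normcase(base_norm) + "\\"
    if not ntpath.normcase(candidate).startswith(prefix):
        raise UnsafePath("path resolves outside the export directory")
    # This check is lexical only: junctions or symlinks under base still
    # need a real-path comparison on the host before the file is opened.
    return candidate

def is_rejected(user_path):
    try:
        safe_target(user_path)
    except UnsafePath:
        return True
    return False

# Constructed sample inputs, for illustration only.
SAMPLES = ["port0.cfg", r"sub\..\port0.cfg", r"..\..\..\Windows\Temp\x.txt",
           "../../x.cfg", r"\Windows\x.cfg", r"D:\x.cfg", "a.cfg:stream", ""]

if __name__ == "__main__":
    for s in SAMPLES:
        print(repr(s), "->", "rejected" if is_rejected(s) else safe_target(s))
```
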

Potential Impact

For European organizations, the impact of this vulnerability could be significant, especially for those relying on Marvell QConvergeConsole for network device management or configuration. Successful exploitation could lead to arbitrary file creation or modification with SYSTEM privileges, potentially enabling attackers to deploy malware, disrupt network operations, or exfiltrate sensitive data. This could affect critical infrastructure sectors, including telecommunications, manufacturing, and enterprise IT environments, where Marvell hardware and software are deployed. The ability to write arbitrary files remotely without authentication increases the risk of widespread compromise and operational downtime. Additionally, regulatory frameworks such as GDPR impose strict requirements on data protection and breach notification, so organizations affected by this vulnerability may face legal and reputational consequences if exploited.

Mitigation Recommendations

Given the absence of an official patch, European organizations should implement several targeted mitigations:

1) Restrict network access to the QConvergeConsole management interface using firewalls and network segmentation to limit exposure to trusted administrators only.
2) Employ intrusion detection and prevention systems (IDS/IPS) with custom rules to detect anomalous file write attempts or path traversal patterns targeting the saveNICParamsToFile method.
3) Monitor system and application logs for unusual file creation activities or errors related to file path handling.
4) If feasible, deploy application-layer proxies or web application firewalls (WAFs) configured to sanitize or block suspicious path traversal payloads.
5) Engage with Marvell support for any available workarounds or beta patches and plan for rapid deployment once official fixes are released.
6) Conduct thorough audits of affected systems to identify any signs of compromise and ensure backups are current and secure to enable recovery if needed.


Technical Details

Data Version: 5.1
Assigner Short Name: zdi
Date Reserved: 2025-06-27T14:57:50.661Z
CVSS Version: 3.0
State: PUBLISHED

Threat ID: 686bdfa06f40f0eb72ea12c5

Added to database: 7/7/2025, 2:54:24 PM

Last enriched: 7/7/2025, 3:11:25 PM

Last updated: 8/8/2025, 10:35:57 PM
