CVE-2025-6793: Marvell QConvergeConsole Directory Traversal Allows Arbitrary File Deletion and Information Disclosure
A critical security vulnerability, identified as CVE-2025-6793, has been discovered in Marvell QConvergeConsole. This vulnerability allows unauthenticated remote attackers to delete arbitrary files and disclose sensitive information on affected installations.
🔍 TL;DR Summary
Marvell QConvergeConsole is vulnerable to a directory traversal flaw (CVE-2025-6793) caused by insufficient validation of user-supplied paths. Remote, unauthenticated attackers can use it to delete arbitrary files and potentially disclose sensitive information from the system. The flaw resides in the QLogicDownloadImpl class, and because the affected file operations run in the context of SYSTEM, the deletion and disclosure happen with SYSTEM privileges.
🚨 Vulnerability Details
- CVE ID: CVE-2025-6793
- Description: This vulnerability allows remote attackers to delete arbitrary files and disclose sensitive information on affected installations of Marvell QConvergeConsole. Authentication is not required to exploit this vulnerability. The specific flaw exists within the QLogicDownloadImpl class. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to delete files and disclose information in the context of SYSTEM.
- CVSS Score: 9.4 (CRITICAL)
- CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
- CVSS Explanation: The vector describes a critical issue: network attack vector, low attack complexity, no privileges required and no user interaction, with high confidentiality and availability impact and low integrity impact. In practice, anyone who can reach the service over the network can trigger it without credentials and cause data loss or an outage.
- Exploit Requirements: No authentication is required. An attacker simply needs network access to the vulnerable service.
- Affected Vendor: Marvell
- Affected Product: QConvergeConsole
- Affected Version: Not specified; the advisory lists neither affected nor fixed versions.
- CWE: CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
- CWE Explanation: CWE-22, or Path Traversal, occurs when software uses external input to construct a pathname that should be within a restricted directory, but does not properly neutralize path-traversal sequences. This allows attackers to access or manipulate files and directories outside of the intended restricted area.
📅 Timeline of Events
- 2025-07-07: Vulnerability published.
- 2025-07-07: CVE assigned.
- 2025-07-08: Vulnerability details updated.
🧠 Exploitability & Real-World Risk
The lack of authentication makes this vulnerability exceptionally dangerous. An attacker could potentially automate the exploitation process to target multiple installations of Marvell QConvergeConsole. Successful exploitation could lead to data loss, system instability, and unauthorized access to sensitive information. Given the potential for SYSTEM-level access, this vulnerability poses a significant risk to organizations using the affected software.
🛠️ Recommendations
- Apply Patches: Check Marvell's website for any available patches or updates for QConvergeConsole and apply them immediately.
- Network Segmentation: Isolate the QConvergeConsole service within a segmented network to limit the potential impact of a successful exploit.
- Principle of Least Privilege: Run the QConvergeConsole service under a dedicated, minimally privileged account rather than SYSTEM, so that a path-traversal flaw can only reach the files that account is permitted to read or delete.
🧪 Technical Insight
The vulnerability arises from the QLogicDownloadImpl class failing to properly validate user-supplied paths before using them in file operations. This allows an attacker to manipulate the path to access files outside of the intended directory. By crafting a malicious path (e.g., using '../' sequences), an attacker can traverse the file system and potentially delete critical system files or disclose sensitive data. The context of SYSTEM privileges makes the impact of this flaw especially severe.
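The CWE-22 pattern described above (a user-supplied path joined onto a base directory and used in a file operation without containment checking) and its hardened counterpart, as an added example. This is illustrative Python written for this page, not code from QConvergeConsole or the QLogicDownloadImpl class; the "downloads" root, the file names and the temp-directory layout are constructed for the demonstration.

```python
import os
import tempfile
from pathlib import Path


def resolve_unsafe(root: str, user_path: str) -> str:
    """The vulnerable pattern (hypothetical, modelled on the advisory's
    description): user input is joined onto the download directory and
    the result is never checked against that directory."""
    # os.path.join silently drops `root` when user_path is absolute, and
    # normpath happily collapses "../" segments up and out of the root.
    return os.path.normpath(os.path.join(root, user_path))


def resolve_safe(root: str, user_path: str) -> Path:
    """Hardened variant: resolve both sides (symlinks included) and accept
    only a path strictly inside the download root."""
    base = Path(root).resolve()
    candidate = (base / user_path).resolve()
    # Requiring `base` among candidate.parents rejects escapes and also
    # rejects the root itself, so "." cannot be used to delete the root.
    if base not in candidate.parents:
        raise PermissionError(f"path escapes download root: {user_path!r}")
    return candidate


def is_allowed(root: str, user_path: str) -> bool:
    """Boolean wrapper around resolve_safe for callers that want a verdict."""
    try:
        resolve_safe(root, user_path)
        return True
    except PermissionError:
        return False


def delete_download(root: str, user_path: str) -> bool:
    """Delete a file under root only after the containment check passes.
    Returns True if a file was removed, False if nothing matched."""
    target = resolve_safe(root, user_path)
    if not target.is_file():
        return False
    target.unlink()
    return True


def demo() -> dict:
    """Constructed layout in a temp dir: downloads/firmware.bin inside the
    root and secret.txt one level above it. Returns a dict of outcomes."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp) / "downloads"
        root.mkdir()
        (root / "firmware.bin").write_bytes(b"constructed firmware")
        secret = Path(tmp) / "secret.txt"
        secret.write_text("constructed secret")

        results = {
            # the unsafe join lands on the file outside the root
            "unsafe_escapes": resolve_unsafe(str(root), "../secret.txt") == str(secret),
            # an absolute input makes os.path.join discard the root entirely
            "unsafe_absolute": resolve_unsafe(str(root), str(secret)) == str(secret),
            "safe_refuses_dotdot": not is_allowed(str(root), "../secret.txt"),
            "safe_refuses_absolute": not is_allowed(str(root), str(secret)),
            "safe_refuses_root": not is_allowed(str(root), "."),
            "safe_allows_legit": is_allowed(str(root), "firmware.bin"),
        }
        results["deleted_legit"] = delete_download(str(root), "firmware.bin")
        results["secret_survives"] = secret.exists()
        return results


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```

The containment check compares fully resolved paths rather than searching the input for "../": normalization and symlink resolution happen before the comparison, so encoded, doubled or symlink-based variants are judged by where they actually land, and the check also refuses the root directory itself as a deletion target.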
🙌 Credit to Researcher(s)
This vulnerability was discovered and reported by Zero Day Initiative (ZDI) as ZDI-CAN-24912.
🧵 Tags
#CVE-2025-6793 #Marvell #QConvergeConsole #DirectoryTraversal #FileDeletion #InformationDisclosure #SecurityVulnerability
Summary: CVE-2025-6793: A critical directory traversal vulnerability in Marvell QConvergeConsole allows unauthenticated remote attackers to delete arbitrary files and disclose sensitive information due to improper validation of user-supplied paths.
CVE ID: CVE-2025-6793
Risk Analysis: Successful exploitation could lead to complete compromise of the QConvergeConsole server, including data loss, system instability, and potential exposure of sensitive information. This can have significant impact on the organization's operations and reputation.
Recommendation: Apply the latest patches and updates from Marvell for QConvergeConsole. Implement network segmentation to limit the potential impact of a successful exploit. Monitor requests to the QConvergeConsole service for path-traversal sequences and other suspicious activity.
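A minimal detector for the monitoring recommendation above, as an added example written for this page rather than anything shipped with QConvergeConsole or ZDI's advisory. It scans constructed Common Log Format lines for ".." segments in request URLs, percent-decoding repeatedly so that encoded and double-encoded forms are caught, and tallies hits per source address. The "/console/download" endpoint and all addresses and timestamps in the sample lines are constructed for illustration.

```python
import re
from urllib.parse import unquote

# Constructed access-log lines (Common Log Format), not real traffic;
# "/console/download" is a hypothetical endpoint used only for this demo.
LOG_LINES = [
    '10.0.0.5 - - [07/Jul/2025:10:00:01 +0000] "GET /console/download?file=firmware.bin HTTP/1.1" 200 4096',
    '10.0.0.9 - - [07/Jul/2025:10:00:02 +0000] "GET /console/download?file=../../secret.txt HTTP/1.1" 200 512',
    '10.0.0.9 - - [07/Jul/2025:10:00:03 +0000] "GET /console/download?file=%2e%2e%2f%2e%2e%2fsecret.txt HTTP/1.1" 200 512',
    '10.0.0.9 - - [07/Jul/2025:10:00:04 +0000] "GET /console/download?file=%252e%252e%252fsecret.txt HTTP/1.1" 404 0',
    '10.0.0.7 - - [07/Jul/2025:10:00:05 +0000] "GET /console/download?file=..%5c..%5csecret.txt HTTP/1.1" 200 512',
    '10.0.0.5 - - [07/Jul/2025:10:00:06 +0000] "GET /console/status HTTP/1.1" 200 128',
]

LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3})')
# ".." bounded by a separator, '?', '=' or '&' on the left and a separator
# (or end of string) on the right; a name like "firmware..bin" does not match.
TRAVERSAL_RE = re.compile(r'(?:^|[/\\?=&])\.\.(?:[/\\]|$)')


def decode_fully(value: str, max_rounds: int = 3) -> str:
    """Percent-decode repeatedly so double-encoded %252e%252e%252f is caught."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def has_traversal(url: str) -> bool:
    """True when the decoded URL contains a parent-directory segment."""
    return TRAVERSAL_RE.search(decode_fully(url)) is not None


def scan(lines) -> list:
    """Parse each log line and return a record for every traversal hit."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not in the expected log format; skip it
        src, ts, method, url, status = m.groups()
        if has_traversal(url):
            hits.append({"src": src, "time": ts, "method": method,
                         "url": url, "status": int(status)})
    return hits


def count_by_source(hits) -> dict:
    """Tally hits per source address to surface repeated probing."""
    counts = {}
    for h in hits:
        counts[h["src"]] = counts.get(h["src"], 0) + 1
    return counts


if __name__ == "__main__":
    found = scan(LOG_LINES)
    for h in found:
        print(f"{h['time']} {h['src']} {h['method']} {h['url']} -> {h['status']}")
    print("hits per source:", count_by_source(found))
```

Both successful (200) and failed (404) traversal attempts are reported, since a blocked probe is still a signal that the service is being targeted; in a production pipeline the same logic would run over the console's web-server access log rather than the embedded sample.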
Timeline
- 2025-07-07: Vulnerability published and CVE assigned.
- 2025-07-08: Vulnerability details updated.