{"uuid": "f5fa9a22-d0ab-45e6-9059-daaabdcd41b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-6793", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/qconvergeconsole_traversal.rb", "content": "{\"actions\": [], \"aliases\": [], \"arch\": \"\", \"author\": [\"Michael Heinzl\", \"rgod\"], \"autofilter_ports\": [80, 8080, 443, 8000, 8888, 8880, 8008, 3000, 8443], \"autofilter_services\": [\"http\", \"https\"], \"check\": true, \"default_credential\": false, \"description\": \"This module exploits a path traversal vulnerability (CVE-2025-6793) in Marvell QConvergeConsole <= v5.5.0.85 to retrieve arbitrary files from the system. No authentication is required to exploit this issue.\\n          Note that whatever file will be retrieved, will also be deleted from the remote server.\", \"disclosure_date\": \"2025-06-27\", \"fullname\": \"auxiliary/gather/qconvergeconsole_traversal\", \"is_install_path\": true, \"mod_time\": \"2026-05-11 09:00:24 +0000\", \"name\": \"Marvell QConvergeConsole Path Traversal (CVE-2025-6793)\", \"needs_cleanup\": false, \"notes\": {\"Reliability\": [], \"SideEffects\": [\"ioc-in-logs\", \"config-changes\"], \"Stability\": [\"crash-safe\"]}, \"path\": \"/modules/auxiliary/gather/qconvergeconsole_traversal.rb\", \"platform\": \"\", \"post_auth\": false, \"rank\": 300, \"ref_name\": \"gather/qconvergeconsole_traversal\", \"references\": [\"CVE-2025-6793\", \"URL-https://www.zerodayinitiative.com/advisories/ZDI-25-450/\"], \"rport\": 8443, \"session_types\": false, \"targets\": null, \"type\": \"auxiliary\"}", "creation_timestamp": "2026-05-11T07:47:38.000000Z"}