CNNVD-202507-3941 Information

CNNVD ID

CNNVD-202507-3941

Related CVE

CVE-2025-8426

• CNNVD Published: 2025-07-31

Description (Chinese)

Marvell QConvergeConsole是美国Marvell公司的一款跨数据中心的统一适配器管理软件。 Marvell QConvergeConsole存在路径遍历漏洞，该漏洞源于compressConfigFiles方法未验证用户提供路径，可能导致信息泄露或拒绝服务。

Description (English)

Marvell QConvergeConsole is a United States-based multi-data centre integrated adapter management software. Marvell QConvergeConsole has a loophole in its path, which stems from the failure of the CompressConfigFiles method to verify the user ’ s supply of the path, which may lead to information leaking or denial of service.

Hazard Level

Low

Vulnerability Type

路径遍历

Affected Vendor

美满科技

Published

2025-07-31

Last Modified

2026-02-24

References

https://www.zerodayinitiative.com/advisories/ZDI-25-733/