Lucene search
+L

89 matches found

Cvelist
Cvelist
added 2026/05/27 7:38 p.m.47 views

CVE-2026-8364 Gladinet Triofox Missing Authentication for Critical Functions

Gladinet Triofox Cloud Server Agent Access Service GladServerAgentService.exe listens on TCP port 7878 and processes remote HTTP messages with URL paths starting with /resources, /status, /sysinfo, /woshome, /Settings, /schedule, or /DavCache...

9.8CVSS0.00305EPSS
Exploits0References1
CVE
CVE
added 2026/05/27 7:38 p.m.22 views

CVE-2026-8364

Affected software: Gladinet Triofox Cloud Server Agent (GladServerAgentService.exe). Vulnerability behavior: listens on TCP port 7878 and processes remote HTTP messages with URL paths /resources, /status, /sysinfo, /woshome, /Settings, /schedule, or /DavCache. Impact: CVSS 3.1 base score 9.8; con...

9.8CVSS5.8AI score0.00305EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/27 7:38 p.m.10 views

CVE-2026-8364

Gladinet Triofox Cloud Server Agent Access Service GladServerAgentService.exe listens on TCP port 7878 and processes remote HTTP messages with URL paths starting with /resources, /status, /sysinfo, /woshome, /Settings, /schedule, or /DavCache...

9.8CVSS5.8AI score0.00305EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/27 7:38 p.m.16 views

EUVD-2026-32641

Gladinet Triofox Cloud Server Agent Access Service GladServerAgentService.exe listens on TCP port 7878 and processes remote HTTP messages with URL paths starting with /resources, /status, /sysinfo, /woshome, /Settings, /schedule, or /DavCache...

9.8CVSS5.8AI score0.00305EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.11 views

Gladinet Triofox 安全漏洞

Gladinet Triofox is an enterprise file sharing and remote access platform developed by the American company Gladinet. There is a security vulnerability in Gladinet Triofox. This vulnerability arises from the absence of the WOSHttpStatusModule.dll module when processing URL paths starting with...

7.5CVSS5.8AI score0.00275EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.11 views

Gladinet Triofox 安全漏洞

Gladinet Triofox is an enterprise file sharing and remote access platform developed by the American company Gladinet. There is a security vulnerability in Gladinet Triofox, which stems from the WOSSysInfoGetDeviceInterface function returning a null pointer without proper checking. This could lead...

7.5CVSS5.8AI score0.00275EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.12 views

Gladinet Triofox 安全漏洞

Gladinet Triofox is an enterprise file sharing and remote access platform developed by the American company Gladinet. There is a security vulnerability in Gladinet Triofox, which stems from a stack buffer overflow issue when processing long URL paths starting with /woshome...

9.8CVSS6AI score0.00316EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.10 views

Gladinet Triofox 安全漏洞

Gladinet Triofox is an enterprise file sharing and remote access platform developed by the American company Gladinet. There is a security vulnerability in Gladinet Triofox, which stems from listening on the TCP port 7878 and processing URL paths that start with /resources, /status, /sysinfo,...

9.8CVSS5.8AI score0.00305EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.12 views

Gladinet Triofox 安全漏洞

Gladinet Triofox is an enterprise file sharing and remote access platform developed by the American company Gladinet. There is a security vulnerability in Gladinet Triofox, which stems from path traversal when processing URL paths starting with /woshome...

7.5CVSS5.8AI score0.00351EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.9 views

Gladinet Triofox 安全漏洞

Gladinet Triofox is an enterprise file sharing and remote access platform developed by the American company Gladinet. There is a security vulnerability in Gladinet Triofox, which stems from a stack buffer overflow issue when processing long URL paths that start with “/resources”...

9.8CVSS6AI score0.00335EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.19 views

PT-2026-44098

Name of the Vulnerable Software and Affected Versions Gladinet Triofox Cloud Server Agent affected versions not specified Description Improper handling of remote HTTP messages in the GladServerAgentService.exe, which listens on TCP port 7878, allows unauthenticated attackers to potentially gain...

9.8CVSS5.9AI score0.00305EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.21 views

PT-2026-44094

Function calls to WOSCommonUtil.dll!WOSSysInfoGetDeviceInterface in various DLLs i.e., WOSProfileMgrModule.dll, WOSWebDavModule.dll can return a NULL pointer i.e., when no user is logged into the Triofox Server Agent Management Console. The returned NULL pointer is not checked before being...

7.5CVSS5.8AI score0.00275EPSS
Exploits0References2
Rapid7 Blog
Rapid7 Blog
added 2026/02/06 6:52 p.m.10 views

Metasploit Wrap-Up 02/06/2026

Google Summer of Code 2026 Our very own Jack Heysel has added some documentation which outlines the Metasploit Framework project ideas for GSoC 2026. For anyone interested in applying please see GSoC-How-To-Apply documentation, or reach out on slack to any of the following GSoC mentors on Slack v...

5.7AI score
Exploits0
Metasploit
Metasploit
added 2026/02/04 6:58 p.m.270 views

Gladinet CentreStack/Triofox Access Ticket Forge

This module forges access tickets for the Gladinet CentreStack/Triofox /storage/filesvr.dn endpoint. The vulnerability exists because the application uses hardcoded cryptographic keys in GladCtrl64.dll to encrypt/decrypt access tickets. The access ticket is an encrypted string that contains: -...

9.8CVSS6.1AI score0.50949EPSS
Exploits3
Metasploit
Metasploit
added 2026/02/04 6:58 p.m.270 views

Gladinet CentreStack/Triofox Path Traversal

This module exploits a path traversal vulnerability CVE-2025-11371 in Gladinet CentreStack and Triofox that allows an unauthenticated attacker to read arbitrary files from the server's file system. The vulnerability exists in the /storage/t.dn endpoint which does not properly sanitize the s...

9.8CVSS7.6AI score0.93842EPSS
Exploits8
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.24 views

Gladinet CentreStack & Triofox - Hardcoded Credentials

Gladinet CentreStack and Triofox 16.12.10420.56791 contain a hardcoded credentials vulnerability caused by use of hardcoded AES cryptoscheme values, letting attackers perform arbitrary local file inclusion without authentication, potentially leading to full system compromise. id: CVE-2025-14611...

9.8CVSS6.8AI score0.50949EPSS
Exploits3References2
Tenable Nessus
Tenable Nessus
added 2026/01/12 12:0 a.m.3 views

Gladinet Triofox Agent Installed (macOS)

Binary data gladinettriofoxagentmacosinstalled.nbin...

7AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/01/12 12:0 a.m.2 views

Gladinet Triofox Agent Installed (Windows)

Binary data gladinettriofoxagentwininstalled.nbin...

7AI score
Exploits0References1
GithubExploit
GithubExploit
added 2025/12/29 11:21 a.m.232 views

Exploit for Use of Hard-coded Credentials in Gladinet Centrestack

CVE-2025-14611 CentreStack and Triofox full Poc/Exploit Su...

9.8CVSS8.3AI score0.93842EPSS
Exploits8
Tenable Nessus
Tenable Nessus
added 2025/12/17 12:0 a.m.9 views

Gladinet CentreStack / Triofox < 16.12.10420.56791 Hardcoded Credentials

According to its banner, the version of Gladinet CentreStack / Triofox running on the remote host is prior to 16.12.10420.56791. It is, therefore, affected by an arbitrary local file inclusion due to the CentreStack / Triofox portal's use hardcoded values for their implementation of the AES...

9.8CVSS6.9AI score0.50949EPSS
Exploits3References2
Rows per page
Query Builder