89 matches found
CVE-2025-12480
Triofox versions prior to 16.7.10368.56560, are vulnerable to an Improper Access Control flaw that allows access to initial setup pages even after setup is complete...
CVE-2025-12480
Triofox versions prior to 16.7.10368.56560, are vulnerable to an Improper Access Control flaw that allows access to initial setup pages even after setup is complete...
CVE-2025-12480
Triofox versions prior to 16.7.10368.56560, are vulnerable to an Improper Access Control flaw that allows access to initial setup pages even after setup is complete...
CVE-2025-12480
The connected nuclei template confirms an improper access control vulnerability in Gladinet Triofox and CentreStack. Before versions 12.91.1126.65588 (Triofox) and 12.10.595.65696 (CentreStack), unauthenticated users can reach the /management/admindatabase.aspx endpoint, exposing sensitive databa...
VulnCheck KEV: CVE-2025-12480
Triofox versions prior to 16.7.10368.56560, are vulnerable to an Improper Access Control flaw that allows access to initial setup pages even after setup is complete...
PT-2025-46160
Name of the Vulnerable Software and Affected Versions Triofox versions prior to 16.7.10368.56560 Description Triofox is vulnerable to an Improper Access Control flaw that allows access to initial setup pages even after setup is complete. This vulnerability, designated CVE-2025-12480, allows...
Gladinet CentreStack/Triofox < 16.10.10408.56683 Local File Inclusion
Gladinet CentreStack/Triofox versions prior to 16.10.10408.56683 are vulnerable to a Local File Inclusion LFI vulnerability. An unauthenticated attacker could exploit this issue to read arbitrary files on the affected system, potentially leading to information disclosure. The vulnerability exists...
TrioFox 安全漏洞
TrioFox is a remote access software from TrioFox USA. A security vulnerability exists in versions prior to Triofox 16.7.10368.56560, which stems from improper access control and could result in access to the initial settings page...
CISA Adds Gladinet and CWP Flaws to KEV Catalog Amid Active Exploitation Evidence
The U.S. Cybersecurity and Infrastructure Security Agency CISA on Tuesday added two security flaws impacting Gladinet and Control Web Panel CWP to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation in the wild. The vulnerabilities in question are listed below ...
CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2025-11371link is external Gladinet CentreStack and Triofox Files or Directories Accessible to External Parties Vulnerability CVE-2025-48703link is external CWP...
Gladinet CentreStack and Triofox Files or Directories Accessible to External Parties Vulnerability
Gladinet CentreStack and Triofox contains a files or directories accessible to external parties vulnerability that allows unintended disclosure of system files...
Exploit for CVE-2025-11371
CVE-2025-11371 Overview This repository contains a proof-...
CVE-2025-11371
In the default installation and configuration of Gladinet CentreStack and TrioFox, there is an unauthenticated Local File Inclusion Flaw that allows unintended disclosure of system files. Exploitation of this vulnerability has been observed in the wild. This issue impacts Gladinet CentreStack and...
Exploit for CVE-2025-11371
CVE-2025-11371 In the default installation and configuration...
From LFI to RCE: Active Exploitation Detected in Gladinet and TrioFox Vulnerability
Cybersecurity company Huntress said it has observed active in-the-wild exploitation of an unpatched security flaw impacting Gladinet CentreStack and TrioFox products. The zero-day vulnerability, tracked as CVE-2025-11371 CVSS score: 6.1, is an unauthenticated local file inclusion bug that allows...
EUVD-2025-33408
In the default installation and configuration of Gladinet CentreStack and TrioFox, there is an unauthenticated Local File Inclusion Flaw that allows unintended disclosure of system files. Exploitation of this vulnerability has been observed in the wild. This issue impacts Gladinet CentreStack and...
CVE-2025-11371
In the default installation and configuration of Gladinet CentreStack and TrioFox, there is an unauthenticated Local File Inclusion Flaw that allows unintended disclosure of system files. Exploitation of this vulnerability has been observed in the wild. This issue impacts Gladinet CentreStack and...
CVE-2025-11371
In the default installation and configuration of Gladinet CentreStack and TrioFox, there is an unauthenticated Local File Inclusion Flaw that allows unintended disclosure of system files. Exploitation of this vulnerability has been observed in the wild. This issue impacts Gladinet CentreStack and...
CVE-2025-11371 Gladinet CentreStack and TrioFox Local File Inclusion Flaw
In the default installation and configuration of Gladinet CentreStack and TrioFox, there is an unauthenticated Local File Inclusion Flaw that allows unintended disclosure of system files. Exploitation of this vulnerability has been observed in the wild. This issue impacts Gladinet CentreStack and...
CVE-2025-11371
In the default installation and configuration of Gladinet CentreStack and TrioFox, there is an unauthenticated Local File Inclusion Flaw that allows unintended disclosure of system files. Exploitation of this vulnerability has been observed in the wild. This issue impacts Gladinet CentreStack and...