104 matches found
Gladinet CentreStack & TrioFox - Local File Inclusion
In the default installation and configuration of Gladinet CentreStack and TrioFox, there is an unauthenticated Local File Inclusion Flaw that allows unintended disclosure of system files. Exploitation of this vulnerability has been observed in the wild. This issue impacts Gladinet CentreStack and...
Gladinet CentreStack < 16.4.10315.56368 Use of Hard-coded Key Leads to Unauthenticated RCE
Gladinet CentreStack through 16.1.10296.56315 fixed in 16.4.10315.56368 has a deserialization vulnerability due to the CentreStack portal's hardcoded machineKey use, as exploited in the wild in March 2025. This enables threat actors who know the machineKey to serialize a payload for server-side...
Gladinet Triofox Server Agent Missing Authentication for Critical Function (CVE-2026-8364)
Binary data gladinettriofoxserveragentcve-2026-8364.nbin...
CVE-2026-8359 Gladinet Triofox WOSHttpStatusModule.dll NULL Function Pointer Call DoS
When processing a request with a URL path starting with /status or /sysinfo, WOSHttpStatusModule.dll is to be loaded to handle such URL patterns. The WOSBinLoadHttpModule function in the dll would be called to set up a "module" object for that module. However, WOSHttpStatusModule.dll is not prese...
CVE-2026-8361 Gladinet Triofox Path Traversal in WOSDefaultHttpModule.dll
A path traversal vulnerability exists in WOSDefaultHttpModule.dll when processing a URL path starting with /woshome...
CVE-2026-8361
Summary (CVE-2026-8361): A path traversal vulnerability exists in WOSDefaultHttpModule.dll when processing a URL path that starts with /woshome. The CVSS 3.1 base score is 7.5 (High) with network attack vector, no user interaction, and no privileges required; confidentiality impact is High, other...
CVE-2026-8361 Gladinet Triofox Path Traversal in WOSDefaultHttpModule.dll
A path traversal vulnerability exists in WOSDefaultHttpModule.dll when processing a URL path starting with /woshome...
CVE-2026-8362
CVE-2026-8362 describes a stack-based buffer overflow in WOSDefaultHttpModule.dll when processing long URL paths starting with /woshome. Affected software/component: WOSDefaultHttpModule.dll. Root cause: unbounded processing of long URL path leading to overflow. Impact is described as high confid...
CVE-2026-8362 Gladinet Triofox Stack-based Buffer Overflow in WOSDefaultHttpModule.dll
A stack-based buffer overflow condition exists in WOSDefaultHttpModule.dll when processing a long URL path starting with /woshome...
CVE-2026-8362 Gladinet Triofox Stack-based Buffer Overflow in WOSDefaultHttpModule.dll
A stack-based buffer overflow condition exists in WOSDefaultHttpModule.dll when processing a long URL path starting with /woshome...
CVE-2026-8363
CVE-2026-8363: A stack-based buffer overflow in WOSDeviceDropFolder.dll occurs when processing a long URL path starting with /resources. Documented under Gladinet Triofox; affected component is WOSDeviceDropFolder.dll. CVSS v3.1 shows a critical base score of 9.8 (Network, No user interaction, pr...
CVE-2026-8363 Gladinet Triofox Stack-based Buffer Overflow in WOSDeviceDropFolder.dll
A stack-based buffer overflow condition exists in WOSDeviceDropFolder.dll when processing a long URL path starting with /resources:...
CVE-2026-8363 Gladinet Triofox Stack-based Buffer Overflow in WOSDeviceDropFolder.dll
A stack-based buffer overflow condition exists in WOSDeviceDropFolder.dll when processing a long URL path starting with /resources:...
EUVD-2026-32641
Gladinet Triofox Cloud Server Agent Access Service GladServerAgentService.exe listens on TCP port 7878 and processes remote HTTP messages with URL paths starting with /resources, /status, /sysinfo, /woshome, /Settings, /schedule, or /DavCache...
CVE-2026-8364
Affected software: Gladinet Triofox Cloud Server Agent (GladServerAgentService.exe). Vulnerability behavior: listens on TCP port 7878 and processes remote HTTP messages with URL paths /resources, /status, /sysinfo, /woshome, /Settings, /schedule, or /DavCache. Impact: CVSS 3.1 base score 9.8; con...
CVE-2026-8364 Gladinet Triofox Missing Authentication for Critical Functions
Gladinet Triofox Cloud Server Agent Access Service GladServerAgentService.exe listens on TCP port 7878 and processes remote HTTP messages with URL paths starting with /resources, /status, /sysinfo, /woshome, /Settings, /schedule, or /DavCache...
CVE-2026-8364
Gladinet Triofox Cloud Server Agent Access Service GladServerAgentService.exe listens on TCP port 7878 and processes remote HTTP messages with URL paths starting with /resources, /status, /sysinfo, /woshome, /Settings, /schedule, or /DavCache...
CVE-2026-8364 Gladinet Triofox Missing Authentication for Critical Functions
Gladinet Triofox Cloud Server Agent Access Service GladServerAgentService.exe listens on TCP port 7878 and processes remote HTTP messages with URL paths starting with /resources, /status, /sysinfo, /woshome, /Settings, /schedule, or /DavCache...
PT-2026-44098
Name of the Vulnerable Software and Affected Versions Gladinet Triofox Cloud Server Agent affected versions not specified Description Improper handling of remote HTTP messages in the GladServerAgentService.exe, which listens on TCP port 7878, allows unauthenticated attackers to potentially gain...
Gladinet Triofox 安全漏洞
Gladinet Triofox is an enterprise file sharing and remote access platform developed by the American company Gladinet. There is a security vulnerability in Gladinet Triofox, which stems from a stack buffer overflow issue when processing long URL paths starting with /woshome...