70 matches found
Gladinet CentreStack < 16.4.10315.56368 Use of Hard-coded Key Leads to Unauthenticated RCE
Gladinet CentreStack through 16.1.10296.56315 (fixed in 16.4.10315.56368) has a deserialization vulnerability due to the CentreStack portal's hardcoded machineKey use, as exploited in the wild in March 2025. This enables threat actors who know the machineKey to serialize a payload for server-side...
Gladinet CentreStack/Triofox Path Traversal
This module exploits a path traversal vulnerability (CVE-2025-11371) in Gladinet CentreStack and Triofox that allows an unauthenticated attacker to read arbitrary files from the server's file system. The vulnerability exists in the /storage/t.dn endpoint which does not properly sanitize the s...
Gladinet CentreStack/Triofox Access Ticket Forge
This module forges access tickets for the Gladinet CentreStack/Triofox /storage/filesvr.dn endpoint. The vulnerability exists because the application uses hardcoded cryptographic keys in GladCtrl64.dll to encrypt/decrypt access tickets. The access ticket is an encrypted string that contains: -...
Gladinet CentreStack & Triofox - Hardcoded Credentials
Gladinet CentreStack and Triofox 16.12.10420.56791 contain a hardcoded credentials vulnerability caused by use of hardcoded AES cryptoscheme values, letting attackers perform arbitrary local file inclusion without authentication, potentially leading to full system compromise. id: CVE-2025-14611...
Exploit for Use of Hard-coded Credentials in Gladinet Centrestack
CVE-2025-14611 CentreStack and Triofox full Poc/Exploit Su...
Gladinet CentreStack < 16.4.10315.56368 Insecure Deserialization
According to its banner, the version of Gladinet CentreStack running on the remote host is prior to 16.4.10315.56368. It is, therefore, affected by an insecure deserialization vulnerability due to the CentreStack portal's use of a hardcoded machineKey. Note that the scanner has not tested for these issues but ha...
CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-14611: Gladinet CentreStack and Triofox Hard Coded Cryptographic Vulnerability. CVE-2025-43529: Apple Multiple Products...
CVE-2025-14611
Gladinet CentreStack and Triofox prior to version 16.12.10420.56791 used hardcoded values for their implementation of the AES cryptoscheme. This degrades security for publicly exposed endpoints that may make use of it and may offer arbitrary local file inclusion when provided a specially crafted...
CVE-2025-14611 Gladinet CentreStack and TrioFox Hard Coded AES Keys
Gladinet CentreStack and Triofox prior to version 16.12.10420.56791 used hardcoded values for their implementation of the AES cryptoscheme. This degrades security for publicly exposed endpoints that may make use of it and may offer arbitrary local file inclusion when provided a specially crafted...
CVE-2025-14611
CVE-2025-14611 affects Gladinet CentreStack and Triofox prior to 16.12.10420.56791. The root cause is hardcoded, static keys/IVs used by the AES cryptosystem (AES-256-CBC) in the web services, enabling attackers to forge or decrypt access tickets and potentially trigger arbitrary local file inclu...
VulnCheck KEV: CVE-2025-14611
Gladinet CentreStack and Triofox prior to version 16.12.10420.56791 used hardcoded values for their implementation of the AES cryptoscheme. This degrades security for publicly exposed endpoints that may make use of it and may offer arbitrary local file inclusion when provided a specially crafted...
Gladinet CentreStack Security Vulnerability
Gladinet CentreStack is a premier mobile access and secure sharing solution from Gladinet USA. Provides self-hosted cloud storage. A security vulnerability exists in versions prior to Gladinet CentreStack 16.12.10420.56791, which stems from the use of hard-coded values in the AES encryption schem...
Gladinet CentreStack/Triofox < 16.10.10408.56683 Local File Inclusion
Gladinet CentreStack/Triofox versions prior to 16.10.10408.56683 are vulnerable to a Local File Inclusion (LFI) vulnerability. An unauthenticated attacker could exploit this issue to read arbitrary files on the affected system, potentially leading to information disclosure. The vulnerability exists...
Gladinet CentreStack <= 16.7.10368.56560 Local File Inclusion
Gladinet CentreStack through 16.7.10368.56560 (fixed in 16.10.10408.56683) contains an unauthenticated Local File Inclusion (LFI) vulnerability (CVE-2025-11371) that allows an attacker to read sensitive files (notably Web.config) without authentication; attackers observed exploiting this in the wild have...
CISA Adds Gladinet and CWP Flaws to KEV Catalog Amid Active Exploitation Evidence
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added two security flaws impacting Gladinet and Control Web Panel (CWP) to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The vulnerabilities in question are listed below ...
CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-11371: Gladinet CentreStack and Triofox Files or Directories Accessible to External Parties Vulnerability. CVE-2025-48703: CWP...
Gladinet CentreStack and Triofox Files or Directories Accessible to External Parties Vulnerability
Gladinet CentreStack and Triofox contains a files or directories accessible to external parties vulnerability that allows unintended disclosure of system files...
CVE-2025-11371
In the default installation and configuration of Gladinet CentreStack and TrioFox, there is an unauthenticated Local File Inclusion Flaw that allows unintended disclosure of system files. Exploitation of this vulnerability has been observed in the wild. This issue impacts Gladinet CentreStack and...
From LFI to RCE: Active Exploitation Detected in Gladinet and TrioFox Vulnerability
Cybersecurity company Huntress said it has observed active in-the-wild exploitation of an unpatched security flaw impacting Gladinet CentreStack and TrioFox products. The zero-day vulnerability, tracked as CVE-2025-11371 (CVSS score: 6.1), is an unauthenticated local file inclusion bug that allows...