CVE-2025-11371

High KEV CVSS: 7.5

In the default installation and configuration of Gladinet CentreStack and TrioFox, there is an unauthenticated Local File Inclusion Flaw that allows unintended disclosure of system files. Exploitation of this vulnerability has been observed in the wild.

This issue impacts Gladinet CentreStack and Triofox: All versions prior to and including 16.7.10368.56560

Vendor

Gladinet

Product

Centrestack

CWE

CWE-552

Yayın Tarihi

2025-10-09 17:15:58

Güncelleme

2025-11-05 14:32:00

Source Identifier

5dacb0b8-2277-4717-899c-254586fe4912

KEV Date Added

2025-11-04

Kategoriler

CWE-552 Centrestack HIGH Gladinet 2025

Referanslar

https://www.huntress.com/blog/gladinet-centrestack-triofox-local-file-inclusion-flaw https://www.centrestack.com/p/gce_latest_release.html https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-11371

Benzer Kayıtlar

High

CVE-2025-14611

Gladinet CentreStack and Triofox prior to version 16.12.10420.56791 used hardcoded values for their implementation of th…

Critical

CVE-2025-12480

Triofox versions prior to 16.7.10368.56560, are vulnerable to an Improper Access Control flaw that allows access to init…

Critical

CVE-2025-30406

Gladinet CentreStack through 16.1.10296.56315 (fixed in 16.4.10315.56368) has a deserialization vulnerability due to the…