Gladinet Patches Exploited CentreStack Vulnerability

Posted on By CWS

Gladinet this week launched patches for a CentreStack vulnerability that has been exploited within the wild since a minimum of late September.

Tracked as CVE-2025-11371, the difficulty is described as an unauthenticated file inclusion bug that enables attackers to retrieve system recordsdata.

Impacting the default configurations of Gladinet’s CentreStack and TrioFox merchandise, the safety defect was exploited within the wild as a zero-day to retrieve a ‘machineKey’ cryptographic key from a configuration file and execute arbitrary code remotely.

To realize distant code execution, nevertheless, the attackers exploited a ViewState deserialization vulnerability, cybersecurity agency Huntress explains.

The ViewState deserialization problem was beforehand abused in assaults exploiting CVE-2025-30406, a critical-severity CentreStack and Triofox flaw rooted within the presence of hardcoded keys within the functions’ configuration recordsdata.

Armed with a hardcoded machineKey, an attacker may bypass ASPX ViewState protections and execute arbitrary code remotely with the privileges of the IIS utility pool consumer. Profitable exploitation of the difficulty may enable attackers to take full management of a susceptible system.

Gladinet patched CVE-2025-30406 in April by updating one of many configuration recordsdata containing the machineKey and eradicating the important thing from one other.

As a part of the contemporary assaults flagged by Huntress, risk actors are exploiting CVE-2025-11371 to retrieve the configuration file containing the machineKey, which permits them to carry out a deserialization assault to execute instructions on the susceptible system.Commercial. Scroll to proceed studying.

Gladinet resolved the newly found vulnerability in CentreStack model 16.10.10408.56683. Given the flaw’s in-the-wild exploitation, organizations and finish customers are suggested to use the patches as quickly as attainable.

CentreStack is a self-hosted, on-premise cloud file server that gives organizations with safe file sharing capabilities. It may be deployed by MSPs for his or her shoppers and built-in with current infrastructure.

Associated: In Different Information: Gladinet Flaw Exploitation, Assaults on ICS Honeypot, ClayRat Adware

Associated: Organizations Warned of Exploited Adobe AEM Varieties Vulnerability

Associated: Cisco Routers Hacked for Rootkit Deployment

Associated: SAP Patches Essential Vulnerabilities in NetWeaver, Print Service, SRM

Security Week News Tags:, , , ,

Related Posts

Broadcom Fails to Disclose Zero-Day Exploitation of VMware Vulnerability Security Week News
Discord Says 70,000 Users Had IDs Exposed in Recent Data Breach Security Week News
Radical Empowerment From Your Leadership: Understood by Few, Essential for All Security Week News
SonicWall Hunts for Zero-Day Amid Surge in Firewall Exploitation Security Week News
WatchGuard Patches Firebox Zero-Day Exploited in the Wild Security Week News
Oracle Patches 200 Vulnerabilities With July 2025 CPU Security Week News