#gladinet-centrestack

[ follow ]
#hard-coded-cryptographic-keys #viewstate-deserialization #remote-code-execution #cve-2025-11371
Information security
fromThe Hacker News
1 day ago

Active Attacks Exploit Gladinet's Hard-Coded Keys for Unauthorized Access and Code Execution

Hard-coded cryptographic keys in Gladinet CentreStack/Triofox allow decryption or forging of access tickets, enabling access to web.config and potential ViewState deserialization leading to remote code execution.
Information security
fromTheregister
2 months ago

Zero-day in popular file-sharing software actively exploited

Apply the available mitigation immediately for Gladinet CentreStack and Triofox to mitigate actively exploited CVE-2025-11371, as no patch is available.
[ Load more ]