Threat actors are exploiting a zero-day vulnerability (CVE-2025-11371) in Gladinet CentreStack and Triofox products, enabling remote code execution and system file access. Users are advised to implement mitigations until a fix is released, as all versions are affected. #CVE-2025-11371 #GladinetVulnerability
Keypoints
- The zero-day vulnerability CVE-2025-11371 affects all versions of CentreStack and Triofox products.
- Threat actors have successfully exploited this flaw to retrieve machine keys and execute remote code.
- Mitigation involves disabling the temp handler in Web.config, which may impact some platform functionalities.
- Gladinet is aware of the vulnerability and is notifying customers while working on a patch.
- The vulnerability stems from a Local File Inclusion flaw that enables attackers to perform remote code execution.