Unpatched Zero-Day Vulnerability CVE-2025-11371 in Gladinet CentreStack and Triofox Under Active Exploitation
A zero-day vulnerability, tracked as CVE-2025-11371, is being actively exploited in Gladinet CentreStack and Triofox products, allowing local users to access system files without authentication. Gladinet CentreStack and Triofox are enterprise file-sharing and cloud storage solutions designed for businesses.
CentreStack provides a secure platform for file sharing, syncing, and collaboration, integrating on-premises storage with cloud access. Triofox offers a hybrid cloud solution enabling secure remote access to existing Windows file shares and SMB/NFS storage.
Experts are aware of mitigations, but warn that the issue has yet to be patched. A report from Huntress indicates that at least three customers have been targeted so far. Gladinet recommends disabling the temp handler in UploadDownloadProxy’s Web.config to block exploitation of the vulnerability, although this may affect some platform functionality.
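One way to confirm the workaround is in place is to parse the Web.config and list any handler registrations that are still active. This is an added example, not code from Gladinet or Huntress: the handler names, paths and types in the sample are constructed placeholders, and the `temp` match pattern is an assumption to be replaced with the exact entry named in the vendor guidance.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample, NOT the real Gladinet file: handler names, paths and
# types below are placeholders standing in for the vendor's actual entries.
SAMPLE_WEB_CONFIG = """<?xml version="1.0"?>
<configuration>
  <system.webServer>
    <handlers>
      <add name="example-upload" verb="*" path="up.example" type="Example.Upload" />
      <add name="example-temp" verb="*" path="tmp.example" type="Example.TempDownload" />
      <!-- <add name="example-old" verb="*" path="old.example" type="Example.TempOld" /> -->
    </handlers>
  </system.webServer>
</configuration>"""

# Both sections in which an ASP.NET Web.config can register handlers.
HANDLER_XPATHS = ("./system.webServer/handlers/add", "./system.web/httpHandlers/add")


def active_handlers(config_xml, pattern):
    """Return active handler <add> entries whose name, path or type matches pattern.

    The XML parser drops comments, so an entry that was deleted or commented
    out is not reported.
    """
    root = ET.fromstring(config_xml)
    rx = re.compile(pattern, re.IGNORECASE)
    hits = []
    for xpath in HANDLER_XPATHS:
        for add in root.findall(xpath):
            fields = [add.get(key, "") for key in ("name", "path", "type")]
            if any(rx.search(field) for field in fields):
                hits.append(dict(add.attrib))
    return hits


def mitigation_applied(config_xml, pattern):
    """True when no active handler matches, i.e. the entry has been disabled."""
    return not active_handlers(config_xml, pattern)


if __name__ == "__main__":
    for handler in active_handlers(SAMPLE_WEB_CONFIG, r"temp"):
        print("still active:", handler)
```

Run it against a copy of the UploadDownloadProxy Web.config after the change; an empty result means the matching handler is no longer registered.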