CVE-2025-11371

Gladinet CentreStack and TrioFox Local File Inclusion Flaw

CVSS 7.5 HIGHEPSS 92.1%● KEVCWE-552

In short

An unauthenticated attacker can read sensitive system files from Gladinet CentreStack and TrioFox servers without logging in. This flaw exposes confidential information and is actively being exploited in real-world attacks.

Technical detail

A Local File Inclusion (LFI) vulnerability in default installations allows unauthenticated remote attackers to read arbitrary system files through improper path handling. The vulnerability affects all versions up to 16.7.10368.56560 and requires no prior authentication or user interaction.

Summary generated and translated by AI from the official description.

In the default installation and configuration of Gladinet CentreStack and TrioFox, there is an unauthenticated Local File Inclusion Flaw that allows unintended disclosure of system files. Exploitation of this vulnerability has been observed in the wild. This issue impacts Gladinet CentreStack and Triofox: All versions prior to and including 16.7.10368.56560

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected products

Gladinet · CentreStack and TrioFox

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://www.centrestack.com/p/gce_latest_release.html https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-11371 https://www.huntress.com/blog/gladinet-centrestack-triofox-local-file-inclusion-flaw