- Gladinet CentreStack/Triofox have a zero-day vulnerability
- Flaw (CVE-2025-11371) allows remote code execution
- Users must apply mitigation as no patch is available
Gladinet CentreStack and Triofox, secure file sharing and remote access solutions developed by Gladinet, present a zero-day vulnerability that is being abused to remotely execute malicious code (RCE), researchers say. Since zero-days are actively exploited and no patch is yet available, users are urged to apply available mitigation as soon as possible.
CentreStack is a B2B file sharing solution that allows employees to access company files remotely via mapped drives, mobile apps, or browsers, without migrating everything to public cloud services like Dropbox or Google Drive. Triofox, on the other hand, is a cloud-enabled platform for file servers that provides VPN-free remote access with Active Directory integration, version control, and secure file sharing.
Recently, Huntress security researchers were notified of a successful exploitation of a previously undocumented vulnerability. After contacting Gladinet, Huntress learned that the company was already aware of the flaw and was in contact with a couple of victims in an attempt to minimize the damage.
Three victims so far
The flaw is described as an “unauthenticated local file inclusion vulnerability that allows threat actors to recover machine keys from the application’s Web.config file.” It is now tracked as CVE-2025-11371 and has a severity score of 6.2/10 (medium).
Don’t let the relatively low rating fool you: this is a dangerous flaw that enables RCE. According to Huntress, three companies have so far fallen victim to anonymous attackers, and since there is no patch yet, that number could increase significantly.
Gladinet has reportedly already notified its customers about the flaw and is actively involved in helping them minimize the risk, so companies that read their suppliers’ correspondence should be fine. If you haven’t read your emails yet, you can also check out the Huntress blog for details on how to stay safe. We don’t know how many companies could be at risk but according to the Gladinet website, there are at least 1,000.
Through The Registry
Follow TechRadar on Google News and add us as a preferred source to receive news, reviews and opinions from our experts in your feeds. Be sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp also.
