CVE-2025-11371

Confirmed PUBLISHED

Gladinet CentreStack and TrioFox Local File Inclusion Flaw

Gladinet · CentreStack and TrioFox

1 day faster than CISA KEV

Exploited in the wild PoC available

Recommended Action

Prioritize remediation. Validate affected assets and apply vendor fixes on an accelerated timeline.

Confidence
Confirmed
Exploitation Status
Exploited in the wild
Observed in Sensors
No
Attempts (30d)
Unique Attacker IPs
CISA KEV
In CISA KEV
CVSS / EPSS
7.5 High EPSS 92.1%

At a Glance

In the default installation and configuration of Gladinet CentreStack and TrioFox, there is an unauthenticated Local File Inclusion Flaw that allows unintended disclosure of system files. Exploitation of this vulnerability has been observed in the wild.  This issue impacts Gladinet CentreStack and Triofox: All versions prior to and including 16.7.10368.56560

cisa nuclei_scanner
CVE Published
Oct 09, 2025
Exploitation Reported
Jun 01, 2026
CVSS
7.5 High
EPSS
92.1%
Remote Low complexity No user interaction Unauthenticated

Affected Versions

Vendor Product Version Status
Gladinet
CentreStack and TrioFox

0 to <= 16.7.10368.56560

Affected

CVE References

Recommended Actions

  • Prioritize remediation. Validate affected assets and apply vendor fixes on an accelerated timeline.
  • Check enrichment artifacts for scanner coverage and available PoCs before rolling remediation validation.
  • Use the Pro API to automate enrichment, telemetry, and workflow delivery for VM, SOC, and CTI pipelines.