PT-2025-41413 · Gladinet · Triofox +1

Bryan Masters +3 · Published 2025-10-09 · Updated 2026-01-09 · CVE-2025-11371

CVSS v3.1: 7.5
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions

Gladinet CentreStack and Triofox versions prior to and including 16.7.10368.56560

Description

Gladinet CentreStack and Triofox are affected by an unauthenticated Local File Inclusion (LFI) flaw, tracked as CVE-2025-11371. The flaw lets attackers access system files without authentication. This unintended disclosure can potentially lead to the retrieval of machine keys and subsequent remote code execution. Exploitation has been observed in the wild, with reports of active exploitation by the CL0P ransomware group and other threat actors. At least three customers have been impacted.

Recommendations

For versions prior to and including 16.7.10368.56560, remove the lines of code that enable the exploitable functionality, as recommended by Huntress. Be aware that this may impact some platform features.

Exploit

Fix

RCE

Files Accessible to External Parties

Weakness Enumeration

Related Identifiers

BDU:2025-13643
CVE-2025-11371

Affected Products

Gladinet CentreStack
Triofox