Experts warn Gladinet file sharing tool flaw prompts dangerous cyberattacks - and there's no patch


  • Gladinet CentreStack/Triofox have a zero-day vulnerability
  • The flaw (CVE-2025-11371) enables remote code execution
  • Users should apply mitigation as no patch is available

Secure file sharing and remote access solutions developed by Gladinet reportedly carry a zero-day vulnerability that is being abused for remote code execution (RCE), researchers say.

Since the zero-day in Gladinet CentreStack and Triofox is being actively exploited, and there is no patch available yet, users are urged to apply the available mitigation as soon as possible.

Recently, security researchers from Huntress were notified of a successful exploitation of a previously undocumented vulnerability. After reaching out to Gladinet, Huntress learned that the company was already aware of the flaw, and was in touch with a couple of victims in an attempt to minimize the damage.

Three victims so far

The flaw is described as an “unauthenticated local file inclusion vulnerability that allows threat actors to retrieve machine keys from the application Web.config file.” It is now tracked as CVE-2025-11371, and has a severity score of 6.2/10 (medium).

Don’t let the relatively low rating trick you - this is a dangerous flaw which enables RCE. According to Huntress, three companies have so far fallen victim to unnamed attackers, and given there’s no patch yet, that number could rise significantly.

CentreStack is a B2B file sharing solution that lets employees access company files remotely through mapped drives, mobile apps, or browsers, without migrating everything to public cloud services like Dropbox or Google Drive.

Triofox, on the other hand, is a cloud-enablement platform for file servers that provides VPN-less remote access with Active Directory integration, version control, and secure file sharing.

Gladinet has allegedly already notified its customers about the flaw and is actively engaged in helping them minimize the risk, so businesses that read their supplier correspondence should be fine.

If you haven’t read your emails yet, you can also check the Huntress blog for details on how to stay safe. We don’t know how many businesses could be at risk, but according to Gladinet’s website, it’s at least 1,000.

Via The Register



Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
