🚨 Heads up, file sharers! 🚨 A serious security flaw in Gladinet’s CentreStack and Triofox is leaving your sensitive files exposed to cyberattacks. And here’s the kicker – there’s no fix yet!
🛡️ What’s the deal? 🛡️
Gladinet’s CentreStack and Triofox, popular for secure file sharing and remote access, have a zero-day vulnerability (CVE-2025-11371) that’s being exploited by hackers to remotely execute malicious code. Since there’s no patch available, it’s crucial to apply the available mitigation ASAP.
💥 What’s the damage? 💥
This medium-severity flaw (6.2/10) might not sound too scary, but don’t be fooled! It allows attackers to retrieve machine keys from the application’s Web.config file, enabling remote code execution (RCE). So far, three companies have been targeted, and without a patch, more could follow.
📧 What can you do? 📧
Gladinet has reportedly notified its customers, so if you’re a business user, check your emails! If you haven’t, you can also find safety tips on Huntress’ blog. To stay safe, follow these steps:
1. Apply mitigation: Use the available workarounds to protect your system.
2. Stay informed: Keep an eye on Gladinet’s updates and follow security news.
3. Be vigilant: Monitor your system for any unusual activity.
📣 Stay safe, folks! 📣 Remember, it’s always better to be proactive than sorry when it comes to cybersecurity. Keep your software up-to-date and stay informed about the latest threats.
