A high-severity vulnerability in Gladinet CentreStack and Triofox, tracked as CVE-2025-11371, is being actively exploited in the wild, posing a significant threat to organizations using these platforms. This flaw, which has been added to CISA's Known Exploited Vulnerabilities (KEV) catalog as of November 4, 2025, is a local file inclusion vulnerability that allows unauthenticated attackers to access sensitive system files.
The vulnerability, which carries a CVSS score of 7.5 and an Exploit Prediction Scoring System (EPSS) rating of 0.676, was disclosed on October 9, 2025. Despite its disclosure, no patch has been released, leaving systems exposed to potential exploitation. The flaw is categorized under CWE-552, indicating that it involves improper access control, which can lead to unintended disclosure of system files.
Attackers have been quick to exploit this vulnerability, with exploitation observed within 25 days of its disclosure. The vulnerability's presence in the default installation and configuration of both Gladinet CentreStack and Triofox means that many organizations could be at risk if they have not implemented additional security measures.
The exploitation of CVE-2025-11371 is facilitated by the availability of at least one exploit, making it easier for attackers to target vulnerable systems. This situation underscores the urgency for organizations to implement mitigations or workarounds to protect their systems until an official patch is released.
Security teams should prioritize reviewing their use of Gladinet CentreStack and Triofox, ensuring that any unnecessary exposure is minimized. Monitoring for unusual access patterns and implementing strict access controls can help mitigate the risk posed by this vulnerability. Additionally, organizations should stay informed about any updates from Gladinet regarding a potential patch release.
Given the active exploitation and the lack of a patch, organizations using these platforms should consider this vulnerability a critical priority. Immediate action is necessary to safeguard sensitive data and maintain the integrity of their systems.
CSURFACE