Vulnerability Database

299,038

Total vulnerabilities in the database

CVE-2025-11371

In the default installation and configuration of Gladinet CentreStack and TrioFox, there is an unauthenticated Local File Inclusion Flaw that allows unintended disclosure of system files. Exploitation of this vulnerability has been observed in the wild.

This issue impacts Gladinet CentreStack and Triofox: All versions prior to and including 16.7.10368.56560

Published: Oct 9, 2025
Updated: Nov 4, 2025
CVE: CVE-2025-11371
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWEs:

CWE-552

Affected Software
References

No affected software listed.

https://www.centrestack.com/p/gce_latest_release.html
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-11371
https://www.huntress.com/blog/gladinet-centrestack-triofox-local-file-inclusion-flaw

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo