Description

In the default installation and configuration of Gladinet CentreStack and TrioFox, there is an unauthenticated Local File Inclusion Flaw that allows unintended disclosure of system files. Exploitation of this vulnerability has been observed in the wild.  This issue impacts Gladinet CentreStack and Triofox: All versions prior to and including 16.7.10368.56560

INFO

Published Date :

2025-10-09T16:50:49.117Z

Last Modified :

2026-02-26T17:47:55.202Z

Source :

Huntress
AFFECTED PRODUCTS

The following products are affected by CVE-2025-11371 vulnerability.

Vendors Products
Gladinet
  • Centrestack
  • Triofox
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-11371.

URL Resource
https://www.centrestack.com/p/gce_latest_release.html cve-icon cve-icon
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-11371 cve-icon cve-icon
https://www.huntress.com/blog/gladinet-centrestack-triofox-local-file-inclusion-flaw cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact