Unrated severityCISA KEVNVD Advisory· Published Oct 9, 2025· Updated Feb 26, 2026

Gladinet CentreStack and TrioFox Local File Inclusion Flaw

CVE-2025-11371

Description

In the default installation and configuration of Gladinet CentreStack and TrioFox, there is an unauthenticated Local File Inclusion Flaw that allows unintended disclosure of system files. Exploitation of this vulnerability has been observed in the wild.

This issue impacts Gladinet CentreStack and Triofox: All versions prior to and including 16.7.10368.56560

Affected products

Gladinet/Centrestack And Triofoxv5
Range: 0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.huntress.com/blog/gladinet-centrestack-triofox-local-file-inclusion-flawmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.056
exploit	0.030
kev	0.120
patch	0.000
ransomware	0.000