October 10, 2025 By Bill Toulas
Threat actors are exploiting a zero-day vulnerability (CVE-2025-11371) in Gladinet CentreStack and Triofox products, which allows a local attacker to access system files without authentication.
At least three companies have been targeted so far. Although a patch is not yet available, customers can apply mitigations.
CentreStack and Triofox are Gladinet's business solutions for file sharing and remote access that allow using a company's own storage as a cloud. According to the vendor, CentreStack "is used by thousands of businesses from over 49 countries."
No fix, all versions affected
The zero-day vulnerability CVE-2025-11371 is a Local File Inclusion (LFI) flaw affecting the default installation and configuration of both products, impacting all versions including the latest release, 16.7.10368.56560.
