Insecure Cryptography Vulnerability in Gladinet CentreStack and Triofox Products
CVE-2025-14611

7.1HIGH

Key Information:

Vendor

Gladinet

Status
Centrestack And Triofox
Vendor
CVE Published:
12 December 2025

Badges

πŸ“ˆ Score: 276πŸ‘Ύ Exploit Exists🟑 Public PoC🟣 EPSS 61%πŸ¦… CISA ReportedπŸ“° News Worthy

What is CVE-2025-14611?

CVE-2025-14611 is a critical vulnerability identified in Gladinet CentreStack and Triofox products, specifically in versions prior to 16.12.10420.56791. These products are designed for secure file sharing and collaboration, allowing organizations to manage their cloud storage effectively. The vulnerability originates from the use of hardcoded values in the implementation of the AES cryptography scheme, resulting in insecure cryptographic practices. This flaw particularly affects publicly exposed endpoints, making them susceptible to unauthorized access. Attackers can exploit this vulnerability to perform arbitrary local file inclusion through specially crafted requests without prior authentication. This could facilitate further exploitation and potentially lead to a complete system compromise, posing significant risks to the integrity and confidentiality of data within affected organizations.

Potential impact of CVE-2025-14611

  1. Unauthorized Access to Sensitive Data: The vulnerability allows attackers to bypass security mechanisms, enabling them to access sensitive data stored on the affected systems. This can lead to data breaches with severe repercussions for organizations, including legal liabilities and reputational damage.

  2. System Compromise: With the ability for arbitrary file inclusion and the potential to chain this vulnerability with other existing weaknesses, attackers can gain complete control of the affected systems. This full system compromise may lead to further exploitation, including the installation of malicious software or ransomware.

  3. Increased Attack Surface: Organizations using Gladinet CentreStack and Triofox are at risk due to their reliance on flawed cryptographic practices. As these products may be exposed to the internet, they represent a significant attack surface that could be targeted by cybercriminals, increasing the likelihood of future exploitation attempts and active threats in the wild.

CISA has reported CVE-2025-14611

CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitor the most dangerious vulnerabilities and have identifed CVE-2025-14611 as being exploited but is not known by the CISA to be used in ransomware campaigns. This is subject to change at pace

The CISA's recommendation is: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

CentreStack and TrioFox 0 < 16.12.10420.56791

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2025-14611-CentreStack-and-Triofox-full-Poc-Exploit
Created by pl4tyz

News Articles

favicon imageThe Cyber Express

CL0P Ransomware Group Targets Gladinet CentreStack In New Campaign

The CL0P ransomware group appears to be targeting internet-facing Gladinet CentreStack file servers in its latest extortion campaign.

favicon imageCyber Press

CISA Warns of Active Exploitation in Gladinet CentreStack and Triofox Vulnerabilities

The agency recently added this flaw, identified as CVE-2025-14611, to its Known Exploited Vulnerabilities (KEV) catalog, confirming that hackers are actively using it in cyberattacks.

favicon imageSecurity Affairs

U.S. CISA adds Apple and Gladinet CentreStack and Triofox flaws to its Known Exploited Vulnerabilities catalog

U.S. CISA adds Apple and Gladinet CentreStack and Triofox vulnerabilities to its Known Exploited Vulnerabilities catalog.

References

https://www.huntress.com/blog/active-exploitation-gladine...

EPSS Score

61% chance of being exploited in the next 30 days.

CVSS V4

Score:
7.1
Severity:
HIGH
Confidentiality:
Low
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
High
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • 🟑

    Public PoC available

  • πŸ‘Ύ

    Exploit known to exist

  • πŸ¦…

    CISA Reported

  • πŸ“°

    First article discovered by Security Affairs

  • Vulnerability published

  • Vulnerability Reserved

Credit

Bryan Masters
John Hammond
JSON
.