Vulnerability Management, Patch/Configuration Management

Actively exploited Gladinet CentreStack zero-day addressed

ZERO-DAY text and binary code concept from the desktop computer screen,ZERO-DAY vulnerability concept (also known as a 0-day)A zero-day vulnerability is a flaw in software or hardware.

(Adobe Stock)

BleepingComputer reports that updates have been issued by Gladinet for a local file inclusion flaw impacting its CentreStack business solution, tracked as CVE-2025-11371, which has been leveraged in zero-day intrusions since late September.

Organizations impacted by the vulnerability were urged to promptly install CentreStack version 16.10.10408.56683, while those that cannot do so have been advised to deactivate the temp handler within the UploadDownloadProxy's Web[.]config file as a mitigation.

Attacks involving CVE-2025-11371 which circumvented fixes for the deserialization flaw, tracked as CVE-2025-30406 enabled the compromise of patched CentreStack instances' Web[.]config files and the extraction of machine keys prior to remote code execution, according to researchers from Huntress, who first reported about the vulnerability.

Additional details on a proof-of-concept exploit for the bug showed that obtained machine keys could be used by threat actors to facilitate forgery of an illicit ViewState payload that could be subjected to later deserialization.

Related

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

Related Terms

BugBuffer OverflowDisassembly

You can skip this ad in 5 seconds