CVE-2025-14611
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-12-12

Last updated on: 2025-12-16

Assigner: Huntress

Description
Gladinet CentreStack and Triofox prior to version 16.12.10420.56791 used hardcoded values for their implementation of the AES cryptoscheme. This degrades security for public exposed endpoints that may make use of it and may offer arbitrary local file inclusion when provided a specially crafted request without authentication. This opens the door for future exploitation and can be leveraged with previous vulnerabilities to gain a full system compromise.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-12
Last Modified
2025-12-16
Generated
2026-06-16
AI Q&A
2025-12-12
EPSS Evaluated
2026-06-15
NVD
CVE-2025-14611
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
gladinet centrestack to 16.12.10420.56791 (exc)
gladinet triofox to 16.12.10420.56791 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-798 The product contains hard-coded credentials, such as a password or cryptographic key.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability involves Gladinet CentreStack and Triofox versions prior to 16.12.10420.56791 using hardcoded values in their AES cryptoscheme implementation. This weakens the security of publicly exposed endpoints using this cryptoscheme and may allow arbitrary local file inclusion when a specially crafted unauthenticated request is made. This vulnerability can be combined with previous vulnerabilities to achieve full system compromise.

Impact Analysis

The vulnerability can degrade the security of public endpoints, potentially allowing attackers to include arbitrary local files without authentication. This can lead to further exploitation, including full system compromise when combined with other vulnerabilities.

Compliance Impact

This vulnerability allows attackers to decrypt or forge access tickets due to hardcoded AES keys, enabling unauthorized access to sensitive files such as web.config, which contains machine keys. This unauthorized access and potential data exposure can lead to violations of data protection regulations like GDPR and HIPAA, which require safeguarding sensitive information and ensuring data confidentiality and integrity. Organizations affected by this vulnerability may face compliance risks if sensitive personal or health data is exposed or compromised. [1]

Detection Guidance

This vulnerability can be detected by scanning your web server logs for encrypted GET requests to the endpoint /storage/filesvr.dn that include the query parameter "t" containing the string "vghpI7EToZUDIZDdprSubL3mTZ2", which corresponds to the encrypted web.config file path. Monitoring for such requests can indicate exploitation attempts. For example, you can use commands like: - On Linux systems, to search Apache or IIS logs: grep "/storage/filesvr.dn" /path/to/logfile | grep "t=vghpI7EToZUDIZDdprSubL3mTZ2" - Using PowerShell on Windows servers: Select-String -Path "C:\inetpub\logs\LogFiles\*.log" -Pattern "/storage/filesvr.dn.*t=vghpI7EToZUDIZDdprSubL3mTZ2" [1]

Mitigation Strategies

Immediate mitigation steps include updating Gladinet CentreStack and Triofox to version 16.12.10420.56791 or later, which contains the patch for this vulnerability. Additionally, you should rotate the machine keys used by ASP.NET to prevent attackers from leveraging stolen keys for ViewState deserialization attacks. Monitoring for suspicious activity related to this vulnerability and blocking malicious requests targeting /storage/filesvr.dn is also recommended. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-14611. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart