CVE-2025-30406

⚠ KEVEPSS 85.4%

Gladinet CentreStack and Triofox Use of Hard-coded Cryptographic Key Vulnerability

Added to CISA KEV: 4/8/2025

Description

Gladinet CentreStack and Triofox contains a use of hard-coded cryptographic key vulnerability in the way that the application manages keys used for ViewState integrity verification. Successful exploitation allows an attacker to forge ViewState payloads for server-side deserialization, allowing for remote code execution.

Affected packages (0)

No package mapping in OSV.