CVE-2025-11371 PoC — Gladinet CentreStack和Gladinet TrioFox 安全漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2025/CVE-2025-11371.yaml

Associated Vulnerability

Title:Gladinet CentreStack和Gladinet TrioFox 安全漏洞 (CVE-2025-11371)
Description:Gladinet CentreStack和Gladinet TrioFox都是美国Gladinet公司的产品。Gladinet CentreStack是一个主要移动访问和安全共享解决方案。提供自托管云存储。Gladinet TrioFox是一个云服务托管版平台。 Gladinet CentreStack和Gladinet TrioFox 16.7.10368.56560及之前版本存在安全漏洞，该漏洞源于默认安装和配置中存在未经认证的本地文件包含缺陷，可能导致系统文件意外泄露。

Description

In the default installation and configuration of Gladinet CentreStack and TrioFox, there is an unauthenticated Local File Inclusion Flaw that allows unintended disclosure of system files. Exploitation of this vulnerability has been observed in the wild.  This issue impacts Gladinet CentreStack and Triofox: All versions prior to and including 16.7.10368.56560

File Snapshot


 id: CVE-2025-11371

info:
  name: Gladinet CentreStack & TrioFox - Local File Inclusion
  author: Ka

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!