Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2025-30406 PoC — Gladinet CentreStack 安全漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2025/CVE-2025-30406.yaml
Associated Vulnerability
Title:Gladinet CentreStack 安全漏洞 (CVE-2025-30406)
Description:Gladinet CentreStack是美国Gladinet公司的一个主要移动访问和安全共享解决方案。提供自托管云存储。 Gladinet CentreStack存在安全漏洞,该漏洞源于硬编码machineKey导致反序列化漏洞,可能导致远程代码执行。
Description
Gladinet CentreStack through 16.1.10296.56315 (fixed in 16.4.10315.56368) has a deserialization vulnerability due to the CentreStack portal's hardcoded machineKey use, as exploited in the wild in March 2025. This enables threat actors (who know the machineKey) to serialize a payload for server-side deserialization to achieve remote code execution.
File Snapshot

 id: CVE-2025-30406

info:
  name: Gladinet CentreStack < 16.4.10315.56368 Use of Hard-coded Key Lead

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.