The Hacker News
Cybersecurity company Huntress said it has observed active in-the-wild exploitation of an unpatched security flaw impacting Gladinet CentreStack and TrioFox products.
The zero-day vulnerability, tracked as CVE-2025-11371 (CVSS score: 6.1), is an unauthenticated local file inclusion bug that allows unintended disclosure of system files. It impacts all versions of the software prior to and including 16.7.10368.56560.
Huntress said it first detected the activity on September 27, 2025, uncovering that three of its customers have been impacted so far.
It's worth noting that both applications were previously affected by CVE-2025-30406 (CVSS score: 9.0), a case of hard-coded machine key that could allow a threat actor to perform remote code execution via a ViewState deserializa
Mediaite
The Daily Mining Gazette Sports
NFL Los Angeles Rams
IMDb TV
Bozeman Daily Chronicle Sports
Orlando Sentinel Politics
Axios