Most Exploited Internet-Facing Products

MEIFP

Back to Ranking

Gladinet

Products: CentreStack · CentreStack and TrioFox · Triofox

92.6

Score

9

CVEs

3

Active

6

PoC

3

KEV

#26

Rank

Period:

Product:

CVE ID	Published	CVSS	Exploit	KEV	AC	PR	Auto	Score(hover)	Affected Products	Description
CVE-2026-8359	2026-05-27	7.5v3.1	POC	—	Low	None	YES	0.0	Triofox	When processing a request with a URL path starting with /status or /sysinfo, WOSHttpStatusModule.dll is to be loaded to handle such URL patterns. The WOSBin_LoadHttpModule function in the dll would be called to set up a "module" object for that module. However, WOSHttpStatusModule.dll is not present
CVE-2026-8360	2026-05-27	7.5v3.1	POC	—	Low	None	YES	0.0	Triofox	Function calls to WOSCommonUtil.dll!WOSSysInfoGetDeviceInterface() in various DLLs (i.e., WOSProfileMgrModule.dll, WOSWebDavModule.dll) can return a NULL pointer (i.e., when no user is logged into the Triofox Server Agent Management Console). The returned NULL pointer is not checked before being de
CVE-2026-8361	2026-05-27	7.5v3.1	POC	—	Low	None	YES	0.0	Triofox	A path traversal vulnerability exists in WOSDefaultHttpModule.dll when processing a URL path starting with /woshome
CVE-2026-8362	2026-05-27	9.8v3.1	POC	—	Low	None	YES	0.0	Triofox	A stack-based buffer overflow condition exists in WOSDefaultHttpModule.dll when processing a long URL path starting with /woshome
CVE-2026-8363	2026-05-27	9.8v3.1	POC	—	Low	None	YES	0.0	Triofox	A stack-based buffer overflow condition exists in WOSDeviceDropFolder.dll when processing a long URL path starting with /resources:
CVE-2026-8364	2026-05-27	9.8v3.1	POC	—	Low	None	YES	0.0	Triofox	Gladinet Triofox Cloud Server Agent Access Service (GladServerAgentService.exe) listens on TCP port 7878 and processes remote HTTP messages with URL paths starting with /resources, /status, /sysinfo, /woshome, /Settings, /schedule, or /DavCache.
CVE-2025-14611	2025-12-12	7.1v4.0	ACTIVE		High	None	no	26.0	CentreStack and TrioFox	Gladinet CentreStack and Triofox prior to version 16.12.10420.56791 used hardcoded values for their implementation of the AES cryptoscheme. This degrades security for public exposed endpoints that may make use of it and may offer arbitrary local file inclusion when provided a specially crafted reque
CVE-2025-11371	2025-10-09	7.5v3.1	ACTIVE		Low	None	YES	40.6	CentreStack and TrioFox	In the default installation and configuration of Gladinet CentreStack and TrioFox, there is an unauthenticated Local File Inclusion Flaw that allows unintended disclosure of system files. Exploitation of this vulnerability has been observed in the wild. This issue impacts Gladinet CentreStack and
CVE-2025-30406	2025-04-03	9.0v3.1	ACTIVE		High	None	no	26.0	CentreStack	Gladinet CentreStack through 16.1.10296.56315 (fixed in 16.4.10315.56368) has a deserialization vulnerability due to the CentreStack portal's hardcoded machineKey use, as exploited in the wild in March 2025. This enables threat actors (who know the machineKey) to serialize a payload for server-side

Each CVE: 10 pts base (Active only), boosted by:

KEV×2.0AC: Low×1.2PR: None×1.3PR: Low×1.1Auto×1.3