<ul><li>Security researchers at Huntress have reported active exploitation of the Gladinet CVE-2025-30406 vulnerability, affecting seven organizations and 120 endpoints.</li><li>The vulnerability (CVE-2025-30406) is a deserialization issue in Gladinet CentreStack and Triofox software due to the hardcoded machineKey use.</li><li>The flaw allows remote code execution and full server compromise if unpatched, posing a critical risk with no prerequisites other than knowing the default key values.</li><li>Huntress has released detection tools and urges partners to patch the vulnerability.</li></ul>

Gladinet flaw CVE-2025-30406 actively exploited in the wild

Discover more