CNNVD-202512-2314 Information

CNNVD ID

CNNVD-202512-2314

Related CVE

CVE-2025-14611

• CNNVD Published: 2025-12-12

Description (Chinese)

Gladinet CentreStack是美国Gladinet公司的一个主要移动访问和安全共享解决方案。提供自托管云存储。 Gladinet CentreStack 16.12.10420.56791之前版本存在安全漏洞，该漏洞源于AES加密方案使用硬编码值，可能导致任意本地文件包含。

Description (English)

Gladinet CentreStack is a major mobile access and security-sharing solution for Gladinet in the United States. Provides self-hosted cloud storage. There was a security loophole in the pre-AES 16.12.10420.56791 version of Gladinet CentreStack, which stemmed from the use of hard-coding values in the AES encryption programme, which could lead to the inclusion of any local file.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

Gladinet

Published

2025-12-12

Last Modified

2026-02-24

References

https://www.huntress.com/blog/active-exploitation-gladinet-centrestack-triofox-insecure-cryptography-vulnerability

Patch

https://www.gladinet.com/