THREAT OPS › CVEs › CVE-2025-30406
CVE-2025-30406 — Gladinet CentreStack and Triofox Use of Hard-coded Cryptographic Key Vulnerability
Gladinet CentreStack and Triofox contains a use of hard-coded cryptographic key vulnerability in the way that the application manages keys used for ViewState integrity verification. Successful exploitation allows an attacker to forge ViewState payloads for server-side deserialization, allowing for remote code execution.
Vulnerability details
- Affected productsCentreStack
- KEV remediation due2025-04-29