THREATOPS
THREAT OPSCVEs › CVE-2025-30406

CVE-2025-30406 — Gladinet CentreStack and Triofox Use of Hard-coded Cryptographic Key Vulnerability

CISA KEVExploited: confirmedGladinet

Gladinet CentreStack and Triofox contains a use of hard-coded cryptographic key vulnerability in the way that the application manages keys used for ViewState integrity verification. Successful exploitation allows an attacker to forge ViewState payloads for server-side deserialization, allowing for remote code execution.

Vulnerability details