PatchSiren

CVE-2025-11371 Gladinet CVE debrief

CVE-2025-11371 is a Gladinet CentreStack and Triofox vulnerability listed by CISA in the Known Exploited Vulnerabilities catalog. The recorded issue is described as files or directories being accessible to external parties, which indicates an unauthorized exposure risk rather than a software crash or performance problem. Because CISA has marked it as known exploited, organizations should treat it as an urgent defensive priority and follow the vendor and CISA guidance in the official records.

Vendor: Gladinet
Product: CentreStack and Triofox
CVSS: Unknown
CISA KEV: Listed
Original CVE published: 2025-11-04
Original CVE updated: 2025-11-04
Advisory published: 2025-11-04
Advisory updated: 2025-11-04

Who should care

Organizations running Gladinet CentreStack or Triofox, especially security teams, system administrators, and cloud-service owners responsible for access controls and externally reachable file-sharing deployments.

Technical summary

The official records identify CVE-2025-11371 as a Gladinet CentreStack and Triofox 'Files or Directories Accessible to External Parties Vulnerability.' CISA added the issue to the KEV catalog on 2025-11-04, indicating known exploitation. The records reviewed for this debrief do not include deeper vendor advisory text, exploit conditions, or a CVSS score, so the most defensible technical summary is that inadequate access control can expose files or directories beyond intended users.

Defensive priority

High

Recommended defensive actions

  • Apply mitigations per the vendor instructions referenced by CISA.
  • Follow applicable CISA BOD 22-01 guidance for cloud services if your deployment is cloud-hosted or service-based.
  • If mitigations are unavailable, discontinue use of the affected product or isolate the deployment until remediation is possible.
  • Validate that file and directory access controls, sharing permissions, and authentication boundaries are correctly enforced on exposed instances.
  • Review logs and access records for unexpected external access to sensitive files or directories.

Evidence notes

CISA's KEV record for CVE-2025-11371 names Gladinet CentreStack and Triofox and describes the issue as 'Files or Directories Accessible to External Parties Vulnerability.' The KEV entry was added on 2025-11-04 with a due date of 2025-11-25 and instructs defenders to apply vendor mitigations, follow BOD 22-01 guidance for cloud services, or discontinue use if mitigations are unavailable. The records reviewed for this debrief also include official CVE and NVD links, but no additional technical detail or CVSS score.

Official resources

CVE-2025-11371 was publicly listed in the official records on 2025-11-04; CISA added it to the KEV catalog the same day.