CVE-2025-11371 PoC — Gladinet CentreStack和Gladinet TrioFox 安全漏洞

来源

关联漏洞

Description

Detection for CVE-2025-11371

介绍

# CVE-2025-11371

In the default installation and configuration of Gladinet CentreStack and TrioFox, there is an unauthenticated Local File Inclusion Flaw that allows unintended disclosure of system files. Exploitation of this vulnerability has been observed in the wild.  This issue impacts Gladinet CentreStack and Triofox: All versions prior to and including 16.7.10368.56560

## How does this detection method work?

This detection script works by sending a GET request to the CentreStack login page, extracting the build version number from the response body using regex, and then checking if that version is less than or equal to 16.7.10368.56560 to determine if the system is vulnerable to CVE-2025-11371.

## How do I run this script?

1. Download Nuclei from [here](https://github.com/projectdiscovery/nuclei)
2. Copy the template to your local system
3. Run the following command: `nuclei -u https://yourHost.com -t template.yaml` 

### Example Output

<img width="772" height="77" alt="image" src="https://github.com/user-attachments/assets/08a38a4b-0306-473f-a42e-f3d374950e80" />



## References

- https://www.huntress.com/blog/gladinet-centrestack-triofox-local-file-inclusion-flaw
- https://www.cve.org/CVERecord?id=CVE-2025-11371


## Disclaimer

Use at your own risk, I will not be responsible for illegal activities you conduct on infrastructure you do not own or have permission to scan.

---

## Contact

Feel free to reach out via [Signal](https://signal.me/#eu/0Qd68U1ivXNdWCF4hf70UYFo7tB0w-GQqFpYcyV6-yr4exn2SclB6bFeP7wTAxQw) if you have any questions.

文件快照

 [4.0K]  /data/pocs/d4d84fc5894b95a8e53ccacef974e2d707519223
├── [1.1K]  CVE-2025-11371.yaml
├── [1.0K]  LICENSE
└── [1.5K]  README.md

1 directory, 3 files

备注