Fixing and finding
Jump to remediation plan
CVE ID

CVE-2025-12480

Published 2025-11-10
Updated 6 months ago
Vendor/s
Gladinet
Product/s
Triofox
Version/s
* > 16.7.10368.56560
KEV Status
Active Exploitation
Listed in CISA's Known Exploited Vulnerabilities catalogue. Active exploitation observed in the wild.
CVSS Score (v3.1)
9.1
/ 10
Critical
Severity Details
Base score
9.1 Critical
Attack vector
Network
Attack complexity
Low
Privileges required
None
User interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
None

Description

CVE-2025-12480 is a critical access control vulnerability in Gladinet Triofox (CVSS 9.1) that allows attackers to access setup pages. Patch immediately.

CPE

Gladinet logo
Gladinet
Product Version Start Version End (excl.) Status
triofox * 16.7.10368.56560 vulnerable

Related weakness (CWE)

CWE-284

Remediation plan

1

Apply official patches

Download and apply the latest security updates from Gladinet to resolve the improper access control flaw in the Triofox platform.

2

Update affected systems

Upgrade all Triofox deployments to version 16.7.10368.56560 or later, as all previous versions are susceptible to this vulnerability.

3

Restrict access

Use firewalls or access control lists (ACLs) to ensure that administrative and setup interfaces are only accessible from internal, authorized management networks.

4

Monitor for exploitation

Audit web server logs for unexpected traffic to setup-related directories and monitor for unauthorized changes to system configuration settings.

Detection Guidance

Detecting exploitation of CVE-2025-12480 involves monitoring web server logs for inbound requests to setup or installation URIs (such as /setup or /install) from external sources. Look for successful HTTP 200 status codes on these paths post-deployment. Additionally, security teams should use network scanning tools to verify if sensitive configuration pages are exposed to the public internet.

References

https://access.triofox.com/releases_history/ Release Notes https://cloud.google.com/blog/topics/threat-intelligence/triofox-vulnerability-cve-2025-12480 Exploit Third Party Advisory https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2025/MNDT-2025-0008.md Third Party Advisory https://www.triofox.com/ Product https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-12480 US Government Resource

Sources

NIST National Vulnerability Database (NVD)
CISA Known Exploited Vulnerabilities (KEV)

Experience superior visibility and a simpler approach to cyber risk management

Get a demo
Free trial