module
Gladinet CentreStack/Triofox ASP.NET ViewState Deserialization
| Disclosed |
|---|
| Apr 3, 2025 |
Disclosed
Apr 3, 2025
Description
A vulnerability in Gladinet CentreStack and Triofox application using hardcoded
cryptographic keys for ViewState could allow an attacker to forge ViewState data.
This can lead to unauthorized actions such as remote code execution.
Both applications make use of a hardcoded machineKey in the IIS web.config file,
which is responsible for securing ASP.NET ViewState data. If an attacker obtains
the machineKey, they can forge ViewState payloads that pass integrity checks.
This can result in ViewState deserialization attacks, potentially leading to
remote code execution (RCE) on the web server.
Gladinet CentreStack versions up to 16.4.10315.56368 are vulnerable (fixed in 16.4.10315.56368).
Gladinet Triofox versions up to 16.4.10317.56372 are vulnerable (fixed in 16.4.10317.56372).
NOTE: There are other rebranded services that might be vulnerable and can be detected by this module.
cryptographic keys for ViewState could allow an attacker to forge ViewState data.
This can lead to unauthorized actions such as remote code execution.
Both applications make use of a hardcoded machineKey in the IIS web.config file,
which is responsible for securing ASP.NET ViewState data. If an attacker obtains
the machineKey, they can forge ViewState payloads that pass integrity checks.
This can result in ViewState deserialization attacks, potentially leading to
remote code execution (RCE) on the web server.
Gladinet CentreStack versions up to 16.4.10315.56368 are vulnerable (fixed in 16.4.10315.56368).
Gladinet Triofox versions up to 16.4.10317.56372 are vulnerable (fixed in 16.4.10317.56372).
NOTE: There are other rebranded services that might be vulnerable and can be detected by this module.
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.