Overview
- CISA listed CVE-2025-11371 in Gladinet CentreStack/Triofox and CVE-2025-48703 in Control Web Panel in its Known Exploited Vulnerabilities catalog.
- Active exploitation attempts against the Gladinet bug include Base64-encoded commands used for reconnaissance, with Huntress noting at least three targeted customers.
- Gladinet and Huntress advised disabling the temp handler in UploadDownloadProxy’s Web.config as a workaround, with some functionality impact reported.
- Control Web Panel’s flaw was patched in version 0.9.8.1205 in June, and technical write-ups and proof-of-concept code are public, though observed exploitation remains limited.
- Descriptions differ on whether the CWP issue is fully unauthenticated, with researcher Maxime Rinaudo saying attackers must know a valid username before executing commands.