CP
cyberpings
VulnerabilitiesHIGH

Exploited Triofox Vulnerability Exposes Unauthenticated Remote Access

MAMandiant Threat Intel
TriofoxCVE-2025-12480GladinetUNC6485
🎯

Basically, a flaw in Triofox software let hackers access it without a password.

Quick Summary

A critical vulnerability in Triofox allowed hackers to access sensitive settings without authentication. Users of Triofox should update their software immediately to avoid risks. Stay informed to protect your data!

What Happened

A serious security issue has emerged involving the Triofox file-sharing platform, which allowed attackers to gain unauthenticated access to sensitive application settings. This vulnerability, tracked as CVE-2025-12480?, was exploited by a threat group known as UNC6485. They took advantage of this flaw to upload and run malicious code on affected systems.

The exploitation of this vulnerability began as early as August 24, 2025. Attackers managed to bypass authentication protocols, gaining access to configuration pages? where they could set up new admin account?s and execute harmful payloads?. Luckily, Gladinet has since patched this vulnerability in later software versions, ensuring that users can protect their data and systems from these types of attacks.

Why Should You Care

If you use Triofox for file sharing or remote access, this vulnerability could have put your sensitive information at risk. Imagine leaving your front door unlocked; it’s an invitation for anyone to walk in and take what they want. Similarly, this flaw allowed unauthorized individuals to access your files and settings without any barriers.

Your data security is paramount. Even if you think your organization is safe, vulnerabilities like this one can expose you to significant risks, including data theft and unauthorized access to sensitive information. It’s crucial to stay updated on software patches and security measures? to keep your digital assets secure.

What's Being Done

Gladinet has responded swiftly by releasing an update to fix the vulnerability. Here are the steps you should take if you’re using Triofox:

  • Update to the latest version of Triofox (16.7.10368.56560 or later).
  • Review your system logs? for any suspicious activity that may indicate exploitation.
  • Implement additional security measures?, such as strong passwords and two-factor authentication?, to enhance your security posture.

Experts are closely monitoring the situation to see if any further exploits arise from this vulnerability and are advising users to remain vigilant against potential threats.

💡 Tap dotted terms for explanations

🔒 Pro insight: The exploitation pattern mirrors previous incidents, highlighting the need for robust access controls in software design.

Original article from

Mandiant Threat Intel

Read Full Article

Share

Related Pings

CRITICALVulnerabilities

Critical RRAS RCE Vulnerabilities Patched in Windows 11

Microsoft released a hotpatch for critical RRAS vulnerabilities in Windows 11. These flaws could allow hackers to execute code remotely. Users should ensure their systems are updated to protect against potential attacks.

Cyber Security News·
HIGHVulnerabilities

FortiGate Firewalls Targeted in High-Severity Exploit Wave

FortiGate firewalls are under attack as hackers exploit critical vulnerabilities. Organizations using these firewalls are at risk of credential theft and network breaches. Immediate patching and credential rotation are essential to mitigate these threats.

Cyber Security News·
HIGHVulnerabilities

March Patch Tuesday Fixes 84 Vulnerabilities Across 15 Products

Microsoft's March Patch Tuesday addressed 84 vulnerabilities across various products. Eight are critical, but none affect Windows directly. Stay updated to protect your systems from potential exploits.

Sophos News·
HIGHVulnerabilities

Microsoft Issues Urgent Hotpatch for Windows 11 RCE Vulnerability

Microsoft has released a critical hotpatch for Windows 11 to fix serious vulnerabilities. Affected devices include Windows 11 Enterprise systems. This update is crucial to prevent remote code execution that could compromise sensitive data.

BleepingComputer·
CRITICALVulnerabilities

Critical Vulnerability in HPE AOS-CX Allows Password Resets

The Flaw Hewlett Packard Enterprise (HPE) has reported a critical-severity vulnerability in its Aruba Networking AOS-CX switches, tracked as CVE-2026-23813. This vulnerability has a CVSS score of 9.8, indicating its severity. It allows attackers to reset administrator passwords remotely and without any authentication, effectively bypassing existing security measures. This flaw affects various models, including the CX 4100i, CX 6000,

SecurityWeek·
HIGHVulnerabilities

Critical LangSmith Vulnerability Exposes Users to Account Takeover

A critical vulnerability in LangSmith could allow hackers to take over user accounts. This flaw affects users who rely on LangSmith for AI data monitoring. Immediate action is required to ensure security and protect sensitive information.

Cyber Security News·