CentreStack’s LFI Vulnerability: The Zero-Day That Keeps on Giving! (Patch Now!)

Gladinet’s CentreStack is back in the spotlight with a security update addressing the local file inclusion vulnerability CVE-2025-11371. This flaw allowed attackers to read sensitive files like Web.config, ultimately leading to remote code execution. Administrators, update to version 16.10.10408.56683 now or risk your files becoming the punchline.

Hot Take:

Gladinet’s CentreStack update is like a superhero’s cape—it’s essential for saving the day, but only if you actually put it on. So, dear IT administrators, it’s time to don your capes and update to version 16.10.10408.56683 before the cyber-villains strike again. Remember, with great patches come great responsibilities!

Key Points:

  • Gladinet released a security update for CentreStack to fix a local file inclusion vulnerability (CVE-2025-11371).
  • This vulnerability has been actively exploited as a zero-day since late September.
  • The LFI flaw allows attackers to read sensitive files and exploit a remote code execution vulnerability (CVE-2025-30406).
  • Huntress disclosed technical details and a minimal proof-of-concept exploit for CVE-2025-11371.
  • Administrators are urged to update to CentreStack version 16.10.10408.56683 or apply mitigation measures.

Patchy McPatchface Strikes Again!

Gladinet, the digital superhero none of us knew we needed, has released an update for its CentreStack business solution. This isn’t just another mundane update, folks—this is the antidote to the security bug, CVE-2025-11371, which has been making the rounds in the cyber underworld like a juicy piece of gossip. The vulnerability, which has been exploited since late September, allows nefarious actors to sneak through the digital backdoor by reading sensitive files and executing remote code. It’s like leaving the keys to your digital kingdom under the doormat, and believe me, the cyber-villains know where to look!

The Hunt(ress) for Bugs

Our cyber detectives at Huntress have been working overtime, cracking the case and sharing their findings like a scene from a detective movie. They’ve exposed the flaw as a bypass for previous mitigations, which, to be honest, sounds like a plot twist worthy of a thriller novel. The local file inclusion (LFI) flaw lets attackers read the Web.config file on fully patched CentreStack deployments, extract the machine key, and then exploit CVE-2025-30406. It’s like giving a burglar the blueprint to your house and then saying, “Good luck finding the safe!”

Patch Party: Don’t Be Fashionably Late

Now, for the pièce de résistance: the security update is available in CentreStack version 16.10.10408.56683. It’s like a digital invite to a patch party—only, this is one party you don’t want to skip. Administrators are strongly recommended to update, lest they find themselves on the wrong side of a cyber heist. And for those who absolutely cannot update, there’s a plan B: disable the temp handler in the Web.config file for the UploadDownloadProxy component. It’s like barricading the door with a chair when the lock is broken. Not perfect, but better than nothing!

Technical Details: For the Nerds Among Us

For those who like their news with a side of technical jargon, Huntress shared more details on CVE-2025-11371, including a minimal proof-of-concept exploit. The root cause of the LFI issue is a sanitization failure at the temp-download handler, which accepts an ‘s=’ parameter—a detail as juicy as a leaked script of the next blockbuster movie. The flaw allows attackers to read any file the SYSTEM account can access, opening the door to all sorts of digital mischief.
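For defenders who want to check their IIS logs for this pattern, here is an added example (not from Huntress or Gladinet) that flags requests to the temp-download handler whose 's=' value points somewhere it shouldn't. The handler path is a placeholder to replace with your deployment's own, and the heuristics and sample log lines are constructed assumptions.

```python
import re
from urllib.parse import parse_qs, unquote

# Assumption: placeholder, not from the article. Set this to the
# temp-download handler path of your own CentreStack deployment.
HANDLER_PATH = "/PLACEHOLDER/temp-download-handler"
# Assumption: heuristics for 's=' values reaching outside a temp area.
SUSPICIOUS = re.compile(r"\.\.[\\/]|web\.config|^[a-z]:[\\/]", re.I)

# Constructed sample log (IIS W3C extended format, documentation IPs).
SAMPLE_LOG = """\
#Fields: date time c-ip cs-method cs-uri-stem cs-uri-query sc-status
2025-01-01 10:00:00 192.0.2.10 GET /PLACEHOLDER/temp-download-handler s=report.tmp 200
2025-01-01 10:00:05 192.0.2.66 GET /PLACEHOLDER/temp-download-handler s=..%5C..%5CWeb.config 200
2025-01-01 10:00:09 192.0.2.66 GET /PLACEHOLDER/temp-download-handler s=%252e%252e%252fsettings.xml 200
2025-01-01 10:01:00 192.0.2.10 GET /index.html - 200
""".splitlines()

def parse_w3c(lines):
    """Yield one dict per request, using the #Fields header for names."""
    fields = []
    for line in lines:
        line = line.strip()
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#"):
            values = line.split()
            if fields and len(values) == len(fields):
                yield dict(zip(fields, values))

def decode_fully(value, rounds=3):
    """Undo nested percent-encoding (e.g. %252e) up to a fixed depth."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_requests(lines, handler=HANDLER_PATH):
    """Return (date, time, client IP, decoded s value) for flagged requests."""
    hits = []
    for rec in parse_w3c(lines):
        if rec.get("cs-uri-stem", "").lower() != handler.lower():
            continue
        for raw in parse_qs(rec.get("cs-uri-query", "")).get("s", []):
            value = decode_fully(raw)
            if SUSPICIOUS.search(value):
                hits.append((rec["date"], rec["time"], rec["c-ip"], value))
    return hits
```

A hit only says the request is worth a closer look; it does not confirm that a file was actually read.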

Conclusion: Update or Be Outdated

In short, if you’re using CentreStack, it’s time to roll up your sleeves and update your systems. Gladinet’s latest patch is your digital armor against cyber threats, and trust us, you don’t want to be caught without it. Whether you’re an IT admin, a cybersecurity enthusiast, or just someone who loves a good digital drama, remember: in the world of cybersecurity, staying updated isn’t just recommended—it’s essential. So, grab your digital toolbox, update to the latest version, and keep those cyber-villains at bay!
