Security News > 2025 > April > CISA Warns of CentreStack's Hard-Coded MachineKey Vulnerability Enabling RCE Attacks
2025-04-09 08:00
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw impacting Gladinet CentreStack to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The vulnerability, tracked as CVE-2025-30406 (CVSS score: 9.0), concerns a case of a hard-coded cryptographic key that could be abused to achieve remote
News URL
https://thehackernews.com/2025/04/cisa-warns-of-centrestacks-hard-coded.html
Related news
- Ivanti VPN customers targeted via unrecognized RCE vulnerability (CVE-2025-22457) (source)
- CISA Adds CrushFTP Vulnerability to KEV Catalog Following Confirmed Active Exploitation (source)
- Gladinet’s Triofox and CentreStack Under Active Exploitation via Critical RCE Vulnerability (source)
- CISA Flags Actively Exploited Vulnerability in SonicWall SMA Devices (source)
- CISA tags SonicWall VPN flaw as actively exploited in attacks (source)
- Windows NTLM vulnerability exploited in multiple attack campaigns (CVE-2025-24054) (source)
- Active! Mail RCE flaw exploited in attacks on Japanese orgs (source)
- Critical Commvault RCE vulnerability fixed, PoC available (CVE-2025-34028) (source)
- Craft CMS RCE exploit chain used in zero-day attacks to steal data (source)
- CISA tags Broadcom Fabric OS, CommVault flaws as exploited in attacks (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-04-03 | CVE-2025-30406 | Use of Hard-coded Credentials vulnerability in Gladinet Centrestack 13.5.9808 Gladinet CentreStack through 16.1.10296.56315 (fixed in 16.4.10315.56368) has a deserialization vulnerability due to the CentreStack portal's hardcoded machineKey use, as exploited in the wild in March 2025. | 9.8 |