Security News > 2025 > April > RCE flaw in MSP-friendly file sharing platform exploited by attackers (CVE-2025-30406)
2025-04-09 10:37
A critical RCE vulnerability (CVE-2025-30406) affecting the Gladinet CentreStack file-sharing/remote access platform has been added to CISA’s Known Exploited Vulnerabilities catalog on Tuesday. According to the vulnerability’s entry in NIST’s National Vulnerability Database, the flaw has been leveraged in attacks since March 2025. About CVE-2025-30406 CentreStack is a platform that allows managed service providers (MSPs) to offer cloud-like file services to their customers: file sharing, backup, collaboration, and remote access. CVE-2025-30406 is a deserialization vulnerability … More → The post RCE flaw in MSP-friendly file sharing platform exploited by attackers (CVE-2025-30406) appeared first on Help Net Security.
News URL
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-04-03 | CVE-2025-30406 | Use of Hard-coded Credentials vulnerability in Gladinet Centrestack 13.5.9808 Gladinet CentreStack through 16.1.10296.56315 (fixed in 16.4.10315.56368) has a deserialization vulnerability due to the CentreStack portal's hardcoded machineKey use, as exploited in the wild in March 2025. | 9.8 |