Vulnerabilities > Gladinet

DATE CVE VULNERABILITY TITLE RISK
2025-04-03 CVE-2025-30406 Use of Hard-coded Credentials vulnerability in Gladinet Centrestack 13.5.9808
Gladinet CentreStack through 16.1.10296.56315 (fixed in 16.4.10315.56368) has a deserialization vulnerability due to the CentreStack portal's hardcoded machineKey use, as exploited in the wild in March 2025.
network
low complexity
gladinet CWE-798
critical
9.8
2023-03-31 CVE-2023-26829 Incorrect Authorization vulnerability in Gladinet Centrestack
An authentication bypass vulnerability in the Password Reset component of Gladinet CentreStack before 13.5.9808 allows remote attackers to set a new password for any valid user account, without needing the previous known password, resulting in a full authentication bypass.
network
low complexity
gladinet CWE-863
critical
9.8
2023-03-31 CVE-2023-26830 Unrestricted Upload of File with Dangerous Type vulnerability in Gladinet Centrestack
An unrestricted file upload vulnerability in the administrative portal branding component of Gladinet CentreStack before 13.5.9808 allows authenticated attackers to execute arbitrary code by uploading malicious files to the server.
network
low complexity
gladinet CWE-434
7.2