Mirror of https://github.com/0xMarcio/cve.git, synced 2025-11-30 18:56:19 +00:00
CVE-2025-30406
Description
Gladinet CentreStack through 16.1.10296.56315 (fixed in 16.4.10315.56368) has a deserialization vulnerability due to the CentreStack portal's hardcoded machineKey use, as exploited in the wild in March 2025. This enables threat actors (who know the machineKey) to serialize a payload for server-side deserialization to achieve remote code execution. NOTE: a CentreStack admin can manually delete the machineKey defined in portal\web.config.
POC
Reference
Github
- https://github.com/0xMarcio/cve
- https://github.com/ARPSyndicate/cve-scores
- https://github.com/Andromeda254/cve
- https://github.com/Gersonaze/CVE-2025-30406
- https://github.com/GhostTroops/TOP
- https://github.com/PuddinCat/GithubRepoSpider
- https://github.com/W01fh4cker/CVE-2025-30406
- https://github.com/jaydenb546/CVE-2025-30406
- https://github.com/mchklt/CVE-2025-30406
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/packetinside/CISA_BOT
- https://github.com/plzheheplztrying/cve_monitor
- https://github.com/tanjiti/sec_profile
- https://github.com/threadpoolx/CVE-2025-30406-CentreStack-Triofox-Deserialization-RCE
- https://github.com/ums91/CISA_BOT
- https://github.com/yembors64632/cve_monitor_Public
- https://github.com/zulloper/cve-poc