gladinet centrestack vulnerabilities and exploits

(subscribe to this query)

An unrestricted file upload vulnerability in the administrative portal branding component of Gladinet CentreStack prior to 13.5.9808 allows authenticated malicious users to execute arbitrary code by uploading malicious files to the server.

Gladinet Centrestack

An authentication bypass vulnerability in the Password Reset component of Gladinet CentreStack prior to 13.5.9808 allows remote malicious users to set a new password for any valid user account, without needing the previous known password, resulting in a full authentication bypass...

Gladinet Centrestack

Gladinet CentreStack up to and including 16.1.10296.56315 (fixed in 16.4.10315.56368) has a deserialization vulnerability due to the CentreStack portal's hardcoded machineKey use, as exploited in the wild in March 2025. This enables threat actors (who know the machineKey) to...

Gladinet Centrestack

2 Github repositories1 Article

An LDAP injection vulnerability in the login page of Gladinet CentreStack v13.12.9934.54690 allows malicious users to access sensitive data or execute arbitrary commands via a crafted payload injected into the username field.

A reflected cross-site scripting (XSS) vulnerability in Gladinet CentreStack v13.12.9934.54690 allows malicious users to inject malicious JavaScript into the web browser of a victim via the sessionId parameter at /portal/ForgotPassword.aspx.

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook