Huntress has issued a warning about a newly exploited vulnerability in Gladinet’s CentreStack and Triofox products, linked to hard-coded cryptographic keys, which has already impacted nine organizations. Security researcher Bryan Masters indicated that this flaw could allow threat actors to access the web.config file, leading to potential deserialization and remote code execution risks. Immediate action is required to mitigate these security threats. Organizations using these products should assess their systems for vulnerabilities.
