← ExploitWatch
HomeExploited Vulnerabilities

CVE-2025-12480 — Actively Exploited: Triofox (Gladinet)

Gladinet Triofox contains an improper access control vulnerability that allows access to initial setup pages even after setup is complete.

CVE IDCVE-2025-12480
VendorGladinet
ProductTriofox
Vulnerability nameGladinet Triofox Improper Access Control Vulnerability
Date added2025-11-12
Remediation due2025-12-03
Known ransomware useUnknown
Required actionApply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
DescriptionGladinet Triofox contains an improper access control vulnerability that allows access to initial setup pages even after setup is complete.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →