Detections
Analytics
Gladinet Triofox Improper Access Control (CVE-2025-12480) (uncredentialed check)
critical Nessus Plugin ID 299781
Synopsis
A web application is affected by an improper access control vulnerability.Description
The Gladinet Triofox running on the remote host is affected by an improper access control vulnerability.Solution
Update Gladinet Triofox to version 16.7.10368.56560 or later.See Also
Plugin Details
Severity: Critical
ID: 299781
File Name: gladinet_triofox_cve-2025-12480_dc.nbin
Version: 1.1
Type: remote
Family: Misc.
Published: 2/23/2026
Updated: 2/23/2026
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 6.7
CVSS v3
Risk Factor: Critical
Base Score: 9.1
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Vulnerability Information
CPE: cpe:/a:gladinet:triofox
Required KB Items: installed_sw/Gladinet Triofox Web Portal
Exploited by Nessus: true
Patch Publication Date: 11/10/2025
Vulnerability Publication Date: 11/10/2025
CISA Known Exploited Vulnerability Due Dates: 12/3/2025
Reference Information
CVE: CVE-2025-12480