VIR Vulnerability Intelligence Relay

CVE-2025-12480

unknown KEV
Published 2025-11-12 · Modified 2025-11-12
CVSS v3
CVSS v2
VIR risk
1.5

Description

Gladinet Triofox contains an improper access control vulnerability that allows access to initial setup pages even after setup is complete.

CISA KEV

Vendor
Gladinet
Product
Triofox
Due date
2025-12-03

Predictions

Exploit likelihood
99%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: cisa-kev — https://access.triofox.com/releases_history ; https://nvd.nist.gov/vuln/detail/CVE-2025-12480

Exploits

References

Verify integrity in audit chain (admin only). AS-IS.