Gladinet CentreStack through 16.1.10296.56315 (fixed in 16.4.10315.56368) has a deserialization vulnerability due to the CentreStack portal's hardcoded machineKey use, as exploited in the wild in March 2025. This enables threat actors (who know the machineKey) to serialize a payload for server-side deserialization to achieve remote code execution. NOTE: a CentreStack admin can manually delete the machineKey defined in portal\web.config.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Thu, 10 Apr 2025 16:45:00 +0000

Type Values Removed Values Added
First Time appeared Gladinet
Gladinet centrestack
Weaknesses CWE-798
CPEs cpe:2.3:a:gladinet:centrestack:*:*:*:*:*:*:*:*
Vendors & Products Gladinet
Gladinet centrestack

Tue, 08 Apr 2025 23:15:00 +0000

Type Values Removed Values Added
Metrics kev

{'dateAdded': '2025-04-08'}


Tue, 08 Apr 2025 18:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'active', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Mon, 07 Apr 2025 17:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Fri, 04 Apr 2025 02:15:00 +0000

Type Values Removed Values Added
Description Gladinet CentreStack through 16.1.10296.56315 (fixed in 16.4.10315.56368) has a deserialization vulnerability due to the CentreStack portal's hardcoded machineKey use, which enables threat actors (who know the machineKey) to serialize a payload for server-side deserialization to achieve remote code execution. NOTE: the CentreStack admin can manually delete the machineKey defined in portal\web.config. Gladinet CentreStack through 16.1.10296.56315 (fixed in 16.4.10315.56368) has a deserialization vulnerability due to the CentreStack portal's hardcoded machineKey use, as exploited in the wild in March 2025. This enables threat actors (who know the machineKey) to serialize a payload for server-side deserialization to achieve remote code execution. NOTE: a CentreStack admin can manually delete the machineKey defined in portal\web.config.
Weaknesses CWE-321
Metrics cvssV3_1

{'score': 9, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H'}


Thu, 03 Apr 2025 19:45:00 +0000

Type Values Removed Values Added
Description Gladinet CentreStack through 16.1.10296.56315 (fixed in 16.4.10315.56368) has a deserialization vulnerability due to the CentreStack portal's hardcoded machineKey use, which enables threat actors (who know the machineKey) to serialize a payload for server-side deserialization to achieve remote code execution. NOTE: the CentreStack admin can manually delete the machineKey defined in portal\web.config.
References

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2025-07-30T01:36:15.902Z

Reserved: 2025-03-21T00:00:00.000Z

Link: CVE-2025-30406

cve-icon Vulnrichment

Updated: 2025-04-07T17:01:46.972Z

cve-icon NVD

Status : Analyzed

Published: 2025-04-03T20:15:24.987

Modified: 2025-04-22T01:00:01.653

Link: CVE-2025-30406

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.