Cybersecurity Blog | RedLegg

Bulletin: Gladinet CentreStack Hardcoded machineKey Deserialization Vulnerability

Written by RedLegg's Cyber Threat Intelligence Team | 4/10/25 10:13 PM

VULNERABILITIES:

Gladinet CentreStack Hardcoded machineKey Deserialization Vulnerability

CVSS Score: 9.8 (Critical)
Identifier: CVE-2025-30406
Exploit or Proof of Concept (PoC): Yes, this vulnerability has been actively exploited in the wild as of March 2025.
Update: CVE-2025-30406 – Gladinet Security Advisory

Description: CVE-2025-30406 is a critical deserialization vulnerability in Gladinet CentreStack versions up to 16.1.10296.56315. The issue arises from the use of a hardcoded machineKey in the CentreStack portal's web.config file. Attackers who know this machineKey can craft serialized payloads that, when deserialized by the server, lead to remote code execution. This vulnerability has been exploited in the wild, allowing threat actors to execute arbitrary code on affected servers.

Mitigation Recommendation: Administrators should immediately update Gladinet CentreStack to version 16.4.10315.56368 or later, which addresses this vulnerability by generating a unique machineKey for each installation. If immediate updating is not feasible, it is recommended to manually delete the hardcoded machineKey from the portal\web.config file and generate a new, unique one. Detailed instructions for this process are provided in the Gladinet Security Advisory.
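As an added illustration of that mitigation (example code written for this bulletin, not RedLegg's or Gladinet's, and not a substitute for the vendor advisory), the script below flags a static `<machineKey>` element and rewrites it with fresh per-installation keys. The web.config fragment and its key values are constructed placeholders, not the real CentreStack file or key.

```python
import secrets
import xml.etree.ElementTree as ET

# Constructed sample web.config (not the real CentreStack file); the key values
# are placeholders standing in for a key that is identical on every install.
SAMPLE_WEB_CONFIG = """<?xml version="1.0"?>
<configuration>
  <system.web>
    <machineKey validationKey="PLACEHOLDER_SHARED_VALIDATION_KEY"
                decryptionKey="PLACEHOLDER_SHARED_DECRYPTION_KEY"
                validation="HMACSHA256" decryption="AES" />
  </system.web>
</configuration>
"""

VALIDATION_KEY_BYTES = 64  # HMACSHA256 validationKey: 64 bytes = 128 hex chars
DECRYPTION_KEY_BYTES = 32  # AES-256 decryptionKey: 32 bytes = 64 hex chars

def find_machine_key(config_xml):
    """Return the <machineKey> attributes, or None when the element is absent."""
    node = next(ET.fromstring(config_xml).iter("machineKey"), None)
    return None if node is None else dict(node.attrib)

def is_static_key(attrs):
    """True when both keys are literal values (shared by every install that ships
    this file) rather than ASP.NET's per-server AutoGenerate setting."""
    if attrs is None:
        return False  # no element: ASP.NET auto-generates the key
    return not any(attrs.get(k, "AutoGenerate").startswith("AutoGenerate")
                   for k in ("validationKey", "decryptionKey"))

def generate_machine_key():
    """Fresh per-installation keys from the OS CSPRNG, in the hex form web.config expects."""
    return {"validationKey": secrets.token_hex(VALIDATION_KEY_BYTES).upper(),
            "decryptionKey": secrets.token_hex(DECRYPTION_KEY_BYTES).upper(),
            "validation": "HMACSHA256", "decryption": "AES"}

def rotate_machine_key(config_xml):
    """Replace a static <machineKey> with freshly generated keys; return the new XML."""
    root = ET.fromstring(config_xml)
    node = next(root.iter("machineKey"), None)
    if node is None or not is_static_key(dict(node.attrib)):
        return config_xml  # nothing hardcoded to rotate
    node.attrib.clear()
    node.attrib.update(generate_machine_key())
    return ET.tostring(root, encoding="unicode")
```

Rotating the machineKey invalidates existing ViewState and forms-authentication tickets, so expect users to be signed out. In a multi-node deployment every node serving the same application must receive the same new key.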

Note: Given the active exploitation of this vulnerability and its critical severity, prompt action is essential to secure affected systems. Regularly reviewing and applying security updates is vital to maintaining the integrity and security of your infrastructure.