Skip to main content

Triofox EUVDEUVD-2026-32642

| CVE-2026-8363 CRITICAL
Stack-based Buffer Overflow (CWE-121)
2026-05-27 tenable GHSA-h65f-pj95-wmgc
9.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
9.8 CRITICAL
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

2
Patch available
May 27, 2026 - 22:04 EUVD
Analysis Generated
May 27, 2026 - 20:52 vuln.today

DescriptionCVE.org

A stack-based buffer overflow condition exists in WOSDeviceDropFolder.dll when processing a long URL path starting with /resources:

AnalysisAI

Remote code execution in Gladinet Triofox is possible through a stack-based buffer overflow in the WOSDeviceDropFolder.dll component, which mishandles overly long URL paths that begin with /resources. The CVSS 9.8 vector indicates an unauthenticated, network-reachable flaw requiring no user interaction, meaning any attacker who can reach the Triofox web service can corrupt the stack and potentially execute arbitrary code. The issue was reported by Tenable (TRA-2026-45); no public exploit identified at time of analysis and no EPSS score was provided in the source data.

Technical ContextAI

Triofox is Gladinet's enterprise file-sharing and remote-access platform, and the affected code lives in WOSDeviceDropFolder.dll - a native (DLL) request-handling library that processes device drop-folder URL routes. The root cause is CWE-121 (stack-based buffer overflow): the library copies an attacker-supplied URL path beginning with /resources into a fixed-size stack buffer without adequate bounds checking, so a sufficiently long path overruns the buffer and overwrites adjacent stack memory, including saved return addresses. Because this is a compiled C/C++ component handling raw HTTP path input, successful overflow can redirect control flow rather than merely crash the process.

RemediationAI

No vendor-released patch identified at time of analysis - the input data contains no fixed version number, so no exact upgrade target can be cited without inventing one. Monitor Gladinet's security channel and the Tenable advisory at https://www.tenable.com/security/research/TRA-2026-45 for a patched build, and apply it as soon as it is published. As compensating controls while unpatched: restrict network reachability of the Triofox web service to trusted networks or a VPN rather than exposing it to the internet (trade-off: breaks external remote-access workflows that the product exists to provide); place a reverse proxy or WAF in front of the service to drop requests whose URL path starts with /resources and exceeds a sane length, since that is the specific trigger condition (trade-off: may block legitimate long resource paths and requires tuning); and increase monitoring for crashes or anomalous long /resources requests against the WOSDeviceDropFolder handler. Validate any rule against legitimate traffic before enforcing in blocking mode.

Share

EUVD-2026-32642 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy