EUVD-2026-32646
GHSA-f7wq-cj78-r6c9
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
2DescriptionNVD
When processing a request with a URL path starting with /status or /sysinfo, WOSHttpStatusModule.dll is to be loaded to handle such URL patterns. The WOSBin_LoadHttpModule function in the dll would be called to set up a "module" object for that module. However, WOSHttpStatusModule.dll is not present in the installation. As a result, a function pointer to WOSBin_LoadHttpModule (which would have been in the export table in WOSHttpStatusModule.dll) is set to NULL, resulting in calling a function at address 0.
AnalysisAI
Denial of service in Gladinet Triofox lets unauthenticated remote attackers crash the web service by sending an HTTP request whose URL path begins with /status or /sysinfo. The server tries to load WOSHttpStatusModule.dll to service those paths and calls WOSBin_LoadHttpModule, but that DLL ships missing from the installation, so the resolved function pointer is NULL and the code invokes a function at address 0, terminating the process (CWE-476). …
Sign in for full analysis, threat intelligence, and remediation guidance.
RemediationAI
Within 24 hours: Deploy WAF or reverse proxy rules to block all HTTP requests with URL paths beginning with /status or /sysinfo to prevent exploitation. Within 7 days: Complete inventory of all Gladinet Triofox installations; restrict network access to the web service to authorized internal subnets only; enable enhanced monitoring of web service logs for exploitation attempts. …
Sign in for detailed remediation steps.
Share
External POC / Exploit Code
Leaving vuln.today