Triofox
Denial of service in Gladinet Triofox lets unauthenticated remote attackers crash the web service by sending an HTTP request whose URL path begins with /status or /sysinfo. The server tries to load WOSHttpStatusModule.dll to service those paths and calls WOSBin_LoadHttpModule, but that DLL is missing from the shipped installation, so the resolved function pointer is NULL and the code invokes a function at address 0, terminating the process (CWE-476). The flaw was discovered and reported by Tenable (TRA-2026-45); no public exploit was identified at the time of analysis and it is not on the CISA KEV list. Impact is availability-only (CVSS 7.5).
Denial of service in Gladinet Triofox lets remote unauthenticated attackers crash the Triofox Server Agent by triggering a NULL pointer dereference. The function WOSSysInfoGetDeviceInterface() in WOSCommonUtil.dll returns NULL whenever no user is logged into the Server Agent Management Console, and callers such as WOSProfileMgrModule.dll and WOSWebDavModule.dll dereference that pointer without checking it, causing a process crash. There is no public exploit identified at time of analysis and the issue affects only availability (CVSS 7.5).
Information disclosure via path traversal in Gladinet Triofox lets remote unauthenticated attackers read arbitrary files on the server by sending crafted requests whose URL path begins with /woshome, which are handled by the WOSDefaultHttpModule.dll component. The CVSS 7.5 scoring (confidentiality-only impact) reflects unrestricted file read without code execution or service disruption. No public exploit has been identified at time of analysis; the issue was reported by Tenable and is not listed in CISA KEV.
Remote code execution in Gladinet Triofox is possible through a stack-based buffer overflow in WOSDefaultHttpModule.dll, which fails to bounds-check overly long URL paths beginning with /woshome. Because the flaw is reachable over the network with no authentication and no user interaction (CVSS 9.8), an attacker who can reach the Triofox web service can corrupt the stack and potentially execute arbitrary code in the context of the web module. No public exploit has been identified at the time of analysis, and the issue was reported by Tenable (TRA-2026-45).
Remote code execution in Gladinet Triofox is possible through a stack-based buffer overflow in the WOSDeviceDropFolder.dll component, which mishandles overly long URL paths that begin with /resources. The CVSS 9.8 vector indicates an unauthenticated, network-reachable flaw requiring no user interaction, meaning any attacker who can reach the Triofox web service can corrupt the stack and potentially execute arbitrary code. The issue was reported by Tenable (TRA-2026-45); no public exploit was identified at the time of analysis and no EPSS score was provided in the source data.
Missing authentication in Gladinet Triofox's Cloud Server Agent Access Service (GladServerAgentService.exe) lets remote, unauthenticated attackers reach privileged HTTP endpoints exposed on TCP port 7878. The service processes requests to paths such as /resources, /status, /sysinfo, /woshome, /Settings, /schedule, and /DavCache without an authentication check (CWE-306), and the CVSS vector (AV:N/AC:L/PR:N/UI:N, C:H/I:H/A:H) rates the impact as full confidentiality, integrity, and availability compromise. There is no public exploit identified at time of analysis and no EPSS score was provided, but the 9.8 base score and unauthenticated network reachability make this a critical-priority issue for any internet-exposed Triofox deployment.
Triofox versions before 16.7.10368.56560 contain an improper access control flaw allowing access to initial setup pages after setup is complete, enabling reconfiguration attacks.