Huntress is warning of a new actively exploited vulnerability in Gladinet’s CentreStack and Triofox products stemming from the use of hard-coded cryptographic keys that have affected nine organizations so far.
« Threat actors can potentially abuse this as a way to access the web.config file, opening the door for deserialization and remote code execution, » security researcher Bryan Masters said.
