CVE-2025-12480

Triofox versions prior to 16.7.10368.56560, are vulnerable to an Improper Access Control flaw that allows access to initial setup pages even after setup is complete.

CVSS v3 9.1 CRITICAL

9.1^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.2

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://access.triofox.com/releases_history/	Release Notes
https://cloud.google.com/blog/topics/threat-intelligence/triofox-vulnerability-cve-2025-12480	Exploit Third Party Advisory
https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2025/MNDT-2025-0008.md	Third Party Advisory
https://www.triofox.com/	Product
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-12480	US Government Resource

Configurations

Configuration 1 (hide)

cpe:2.3:a:gladinet:triofox:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2025-11-10 15:15

Updated : 2025-11-14 02:00

NVD link : CVE-2025-12480

Mitre link : CVE-2025-12480

CVE.ORG link : CVE-2025-12480

JSON object : View

Products Affected

gladinet

triofox

CWE

CWE-284

Improper Access Control

{"id": "CVE-2025-12480", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "mandiant-cve@google.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.1, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 3.9}]}, "published": "2025-11-10T15:15:36.527", "references": [{"url": "https://access.triofox.com/releases_history/", "tags": ["Release Notes"], "source": "mandiant-cve@google.com"}, {"url": "https://cloud.google.com/blog/topics/threat-intelligence/triofox-vulnerability-cve-2025-12480", "tags": ["Exploit", "Third Party Advisory"], "source": "mandiant-cve@google.com"}, {"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2025/MNDT-2025-0008.md", "tags": ["Third Party Advisory"], "source": "mandiant-cve@google.com"}, {"url": "https://www.triofox.com/", "tags": ["Product"], "source": "mandiant-cve@google.com"}, {"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-12480", "tags": ["US Government Resource"], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "mandiant-cve@google.com", "description": [{"lang": "en", "value": "CWE-284"}]}], "descriptions": [{"lang": "en", "value": "Triofox versions prior to 16.7.10368.56560, are vulnerable to an Improper Access Control flaw that allows access to initial setup pages even after setup is complete."}], "lastModified": "2025-11-14T02:00:02.350", "cisaActionDue": "2025-12-03", "cisaExploitAdd": "2025-11-12", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:gladinet:triofox:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "85D1B442-0354-472A-9A4C-1417AAE16936", "versionEndExcluding": "16.7.10368.56560"}], "operator": "OR"}]}], "sourceIdentifier": "mandiant-cve@google.com", "cisaRequiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", "cisaVulnerabilityName": "Gladinet Triofox Improper Access Control Vulnerability"}