CVE-2025-12480

CRITICAL KEV NUCLEI

Gladinet Triofox < 16.7.10368.56560 - Improper Access Control

Title source: rule

Description

Triofox versions prior to 16.7.10368.56560, are vulnerable to an Improper Access Control flaw that allows access to initial setup pages even after setup is complete.

Nuclei Templates (1)

Triofox - Improper Access Control

CRITICALVERIFIEDby johnk3r,gti

Shodan: http.favicon.hash:-177043778

FOFA: icon_hash="-177043778"

References (5)

[Release Notes] https://access.triofox.com/releases_history/

[Exploit, Third Party Advisory] https://cloud.google.com/blog/topics/threat-intelligence/triofox-vulnerability-cve-2025-12480

[Third Party Advisory] https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2025/MNDT-2025-0008.md

View Writeup ZIP pw:eip

[Product] https://www.triofox.com/

[US Government Resource] https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-12480

Scores

CVSS v3 9.1

EPSS 0.7832

EPSS Percentile 99.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Details

CISA KEV 2025-11-12

VulnCheck KEV 2025-11-10

ENISA EUVD EUVD-2025-44062

CWE

CWE-284

Status published

Products (1)

gladinet/triofox < 16.7.10368.56560

Published Nov 10, 2025

KEV Added Nov 12, 2025

Tracked Since Feb 18, 2026