Main Vulnerability Database SB2025111142

SB2025111142 - Improper authorization in Triofox server

Published: November 11, 2025

Security Bulletin ID SB2025111142

Severity

Critical

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Data manipulation

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Improper authorization (CVE-ID: CVE-2025-12480)

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to the WebUI trusts information passed via the Host HTTP header when allowing access to the initial setup pages. A remote non-authenticated attacker can send a specially crafted HTTP request with the Host HTTP header set to "localhost" and create a new administrator account, leading to server compromise.

Remediation

Install update from vendor's website.

References

https://access.triofox.com/releases_history/
https://cloud.google.com/blog/topics/threat-intelligence/triofox-vulnerability-cve-2025-12480
https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2025/MNDT-2025-0008.md
https://www.triofox.com/