#VU107322 Use of hard-coded cryptographic key in CentreStack - CVE-2025-30406
Published: April 9, 2025 / Updated: September 24, 2025
Vulnerability identifier: #VU107322
Vulnerability risk: Critical
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Red
CVE-ID: CVE-2025-30406
CWE-ID: CWE-321
Exploitation vector: Remote access
Exploit availability:
The vulnerability is being exploited in the wild
Vulnerable software:
CentreStack
CentreStack
Software vendor:
Gladinet
Gladinet
Description
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to usage of a hard-coded cryptographic key when encrypting ViewState data. A remote non-authenticated attacker can predict the machineKey in use and forge ViewState payloads that pass integrity checks.
Successful exploitation of the vulnerability may allow an attacker to execute arbitrary code on the system with privileges of the Microsoft IIS webserver account.
Note, the vulnerability is being actively exploited in the wild.
Remediation
Install updates from vendor's website.