Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

Triofox

Source -

CNACISA

CNA CVEs -

6

ADP CVEs -

0

CISA CVEs -

1

NVD CVEs -

0
Related CVEsRelated VendorsRelated AssignersReports
7Vulnerabilities found
CVE-2026-8359
Assigner-Tenable Network Security, Inc.
ShareView Details
Assigner-Tenable Network Security, Inc.
CVSS Score-7.5||HIGH
EPSS-0.06% / 19.34%
||
7 Day CHG~0.00%
Published-27 May, 2026 | 19:49
Updated-29 May, 2026 | 20:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Gladinet Triofox WOSHttpStatusModule.dll NULL Function Pointer Call DoS

When processing a request with a URL path starting with /status or /sysinfo, WOSHttpStatusModule.dll is to be loaded to handle such URL patterns. The WOSBin_LoadHttpModule function in the dll would be called to set up a "module" object for that module. However, WOSHttpStatusModule.dll is not present in the installation. As a result, a function pointer to WOSBin_LoadHttpModule (which would have been in the export table in WOSHttpStatusModule.dll) is set to NULL, resulting in calling a function at address 0.

Action-Not Available
Vendor-Gladinet
Product-Triofox
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2026-8361
Assigner-Tenable Network Security, Inc.
ShareView Details
Assigner-Tenable Network Security, Inc.
CVSS Score-7.5||HIGH
EPSS-0.06% / 18.13%
||
7 Day CHG~0.00%
Published-27 May, 2026 | 19:44
Updated-29 May, 2026 | 20:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Gladinet Triofox Path Traversal in WOSDefaultHttpModule.dll

A path traversal vulnerability exists in WOSDefaultHttpModule.dll when processing a URL path starting with /woshome

Action-Not Available
Vendor-Gladinet
Product-Triofox
CWE ID-CWE-23
Relative Path Traversal
CVE-2026-8362
Assigner-Tenable Network Security, Inc.
ShareView Details
Assigner-Tenable Network Security, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.06% / 17.88%
||
7 Day CHG~0.00%
Published-27 May, 2026 | 19:42
Updated-29 May, 2026 | 20:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Gladinet Triofox Stack-based Buffer Overflow in WOSDefaultHttpModule.dll

A stack-based buffer overflow condition exists in WOSDefaultHttpModule.dll when processing a long URL path starting with /woshome

Action-Not Available
Vendor-Gladinet
Product-Triofox
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2026-8363
Assigner-Tenable Network Security, Inc.
ShareView Details
Assigner-Tenable Network Security, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.06% / 17.88%
||
7 Day CHG~0.00%
Published-27 May, 2026 | 19:40
Updated-29 May, 2026 | 20:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Gladinet Triofox Stack-based Buffer Overflow in WOSDeviceDropFolder.dll

A stack-based buffer overflow condition exists in WOSDeviceDropFolder.dll when processing a long URL path starting with /resources:

Action-Not Available
Vendor-Gladinet
Product-Triofox
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2026-8364
Assigner-Tenable Network Security, Inc.
ShareView Details
Assigner-Tenable Network Security, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.05% / 17.41%
||
7 Day CHG~0.00%
Published-27 May, 2026 | 19:38
Updated-29 May, 2026 | 20:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Gladinet Triofox Missing Authentication for Critical Functions

Gladinet Triofox Cloud Server Agent Access Service (GladServerAgentService.exe) listens on TCP port 7878 and processes remote HTTP messages with URL paths starting with /resources, /status, /sysinfo, /woshome, /Settings, /schedule, or /DavCache.

Action-Not Available
Vendor-Gladinet
Product-Triofox
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2025-12480
Assigner-Mandiant Inc.
ShareView Details
Assigner-Mandiant Inc.
CVSS Score-9.1||CRITICAL
EPSS-79.91% / 99.13%
||
7 Day CHG~0.00%
Published-10 Nov, 2025 | 14:20
Updated-26 Feb, 2026 | 17:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2025-12-03||Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Triofox versions prior to 16.7.10368.56560, are vulnerable to an Improper Access Control flaw that allows access to initial setup pages even after setup is complete.

Action-Not Available
Vendor-gladinetTrioFoxGladinet
Product-triofoxTrioFoxTriofox
CWE ID-CWE-284
Improper Access Control
CVE-2026-8360
Assigner-Tenable Network Security, Inc.
ShareView Details
Assigner-Tenable Network Security, Inc.
CVSS Score-7.5||HIGH
EPSS-0.05% / 16.83%
||
7 Day CHG~0.00%
Published-Not Available
Updated-29 May, 2026 | 20:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Function calls to WOSCommonUtil.dll!WOSSysInfoGetDeviceInterface() in various DLLs (i.e., WOSProfileMgrModule.dll, WOSWebDavModule.dll) can return a NULL pointer (i.e., when no user is logged into the Triofox Server Agent Management Console). The returned NULL pointer is not checked before being dereferenced.

Action-Not Available
Vendor-
Product-
CWE ID-CWE-476
NULL Pointer Dereference