A critical RCE vulnerability (CVE-2025-30406) affecting the Gladinet CentreStack file-sharing/remote access platform has been added to CISA’s Known Exploited Vulnerabilities catalog on Tuesday. According to the vulnerability’s entry in NIST’s National Vulnerability Database, the flaw has been leveraged in attacks since March 2025. About CVE-2025-30406 CentreStack is a platform that allows managed service providers (MSPs) to offer cloud-like file services to their customers: file sharing, backup, collaboration, and remote access. CVE-2025-30406 is a deserialization vulnerability … More

The post RCE flaw in MSP-friendly file sharing platform exploited by attackers (CVE-2025-30406) appeared first on Help Net Security.