9.8
CVE-2026-8364
- EPSS 0.31%
- Veröffentlicht 27.05.2026 19:38:01
- Zuletzt bearbeitet 29.05.2026 20:26:29
- Quelle vulnreport@tenable.com
- CVE-Watchlists
- Unerledigt
Gladinet Triofox Missing Authentication for Critical Functions
Gladinet Triofox Cloud Server Agent Access Service (GladServerAgentService.exe) listens on TCP port 7878 and processes remote HTTP messages with URL paths starting with /resources, /status, /sysinfo, /woshome, /Settings, /schedule, or /DavCache.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerGladinet
≫
Produkt
Triofox
Default Statusunaffected
Version
0
Version <
17.3.10565.57509
Status
affected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.31% | 0.219 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| vulnreport@tenable.com | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
CWE-306 Missing Authentication for Critical Function
The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
https://www.tenable.com/security/research/TRA-2026-45