The Reveal Platform
Intel Name: No place like localhost: unauthenticated remote access via triofox vulnerability cve-2025-12480
Date of Scan: November 11, 2025
Impact: Medium
Summary: A vulnerability in Gladinet’s Triofox platform, tracked as CVE-2025-12480, allowed attackers to bypass authentication and access configuration pages without credentials. The flaw enabled arbitrary file upload and code execution through abuse of the platform’s built-in antivirus feature, and was exploited by the threat actor UNC6485. It affected Triofox version 16.4.10317.56372 and was patched in version 16.7.10368.56560. The issue has been resolved in newer releases of Triofox.
