On Tuesday the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added two security vulnerabilities impacting Gladinet and Control Web Panel (CWP) to its Known Exploited Vulnerabilities (KEV) catalog.
The vulnerabilities, CVE-2025-11371 and CVE-2025-48703, present substantial risks to the impacted systems. CISA confirmed that unknown threat actors are actively exploiting these flaws in the wild.
The first vulnerability, CVE-2025-11371, affects Gladinet CentreStack and Triofox. It exposes certain files and directories to external access, potentially resulting in unintended disclosure of system data. With a CVSS score of 7.5, the flaw represents a serious security risk.
Researchers at Huntress recently observed active exploitation attempts in which attackers used Base64-encoded payloads to run reconnaissance commands on affected systems, according to The Hacker News.
The second, CVE-2025-48703, is an operating system command injection flaw in Control Web Panel that permits unauthenticated attackers to execute code remotely.
Federal Civilian Executive Branch (FCEB) agencies have been instructed to apply the necessary updates by November 25, 2025, to mitigate potential risk and secure their environments.