Hackers Exploit CentreStack Vulnerability to Breach Nine Organizations

Huntress uncovers cyberattacks exploiting Gladinet CentreStack's cryptographic flaws, urging urgent updates to prevent data breaches.

By Content Team

Dec 13, 2025

ON THIS PAGE

Share

---

ON THIS PAGE

Want more insights like this?

Subscribe to our newsletter to get the latest software protection strategies delivered to your inbox.

By submitting your email, you consent to Codekeeper contacting you and agree to our privacy policy.

Cybersecurity firm Huntress has discovered a new wave of attacks targeting Gladinet CentreStack instances, with hackers exploiting a cryptographic vulnerability to breach nine organizations across healthcare and technology sectors.

The flaw allows attackers to access the 'web.config' file and steal machine keys by exploiting CentreStack's reliance on the same two 100-byte strings for key derivation. Once obtained, these keys never change, enabling hackers to decrypt any server-generated ticket or create their own malicious ones.

Attackers then use these keys to forge ViewState payloads and achieve remote code execution through deserialization attacks. Gladinet released patches in late November and December, urging customers to update immediately.

Source: Security Week

Share this article

Have questions about protecting your software?

Our escrow experts are standing by to help.

Book a free demo

YOU MAY ALSO LIKE

Google's Vertex AI Default Settings Allow Privilege Escalation Attacks

Jan 18, 2026

Hospital Accidentally Exposes 8,100 Staff Members' Sick Leave Records

Dec 10, 2025

Critical Apache bRPC Vulnerability Lets Attackers Crash Servers with Malicious JSON

Dec 1, 2025

Saudi Arabia Ordered to Pay £3m to London Dissident Over Pegasus Spying

Jan 29, 2026