A vulnerability in Gladinet’s Triofox platform, tracked as CVE-2025-12480, allowed attackers to bypass authentication and access configuration pages without credentials. The flaw enabled arbitrary file upload and code execution through abuse of the platform’s built-in antivirus feature, and was exploited by the threat actor UNC6485....