Gladinet Triofox Server Agent Stack-Based Buffer Overflow Vulnerability in WOSDefaultHttpModule.dll

Vulnerability

A stack-based buffer overflow has been identified in the Gladinet Triofox Server Agent, in WOSDefaultHttpModule.dll, affecting all versions prior to 17.1.10488.57063. The overflow occurs when the module processes long URL paths that start with '/woshome', and it can potentially be exploited to execute arbitrary code.

Impact

Exploitation of this vulnerability leads to a stack-based buffer overflow, which can commonly result in arbitrary code execution.

Reproduction

The vulnerability can be reproduced by sending a crafted HTTP request to the server's port 7878 with a URL path that includes a long string of 'A's, effectively overflowing the stack buffer. This can be done using a tool like curl, by specifying the 'woshome' path and appending the payload.

Remediation

Users are advised to upgrade to Gladinet Triofox Server Agent version 17.3.10565.57509 or later.

Added: May 28, 2026, 3:22 AM
Updated: May 28, 2026, 3:22 AM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 0.6
exploitability: 8.7
remediation: 0.0
relevance: 9.4
threat: 6.4
urgency: 2.9
incentive: 4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.