Gladinet Triofox Cloud Server Agent Unauthenticated Access Vulnerability

A vulnerability exists in the Gladinet Triofox Cloud Server Agent Access Service (GladServerAgentService.exe) versions prior to 17.1.10488.57063. The service listens on TCP port 7878 and accepts remote HTTP messages directed to specific URL paths, including /resources, /status, /sysinfo, /woshome, /Settings, /schedule, and /DavCache. This vulnerability allows unauthenticated remote attackers to interact with these endpoints, potentially causing security issues. Certain operations could initiate authenticated communications with the Triofox web portal using the credentials of the user currently logged into the Triofox Server Agent Management Console.

Impact

Exploitation of this vulnerability could lead to unauthorized access and manipulation of files on the Triofox Drive mapped on the Server Agent host. Additionally, it could allow attackers to modify settings in the application's SQLite database, access sensitive files through a manipulated cache setting, or cause denial-of-service conditions by crashing the application.

Reproduction

The vulnerability can be reproduced by sending HTTP requests to the Triofox Server Agent Access Service on port 7878, targeting the vulnerable URL paths. For example, the /resources endpoint can be accessed to list, view, add, change, and delete files on the Triofox Drive. Similarly, the /Settings endpoint can be used to manipulate application settings. Exploitation can also involve causing the application to crash by accessing certain endpoints that trigger unhandled null pointer dereferences.

Remediation

Users are advised to upgrade to Gladinet Triofox Server Agent version 17.3.10565.57509 or later.