CVE-2026-8359
Gladinet Triofox WOSHttpStatusModule.dll NULL Function Pointer Call DoS
CVSS Score
7.5
EPSS Score
0.0%
EPSS Percentile
0th
When processing a request with a URL path starting with /status or /sysinfo, WOSHttpStatusModule.dll is to be loaded to handle such URL patterns. The WOSBin_LoadHttpModule function in the dll would be called to set up a "module" object for that module. However, WOSHttpStatusModule.dll is not present in the installation. As a result, a function pointer to WOSBin_LoadHttpModule (which would have been in the export table in WOSHttpStatusModule.dll) is set to NULL, resulting in calling a function at address 0.
| CWE | CWE-476 |
| Vendor | gladinet |
| Product | triofox |
| Published | May 27, 2026 |
| Last Updated | May 27, 2026 |
Stay Ahead of the Next One
Get instant alerts for gladinet triofox
Be the first to know when new high vulnerabilities affecting gladinet triofox are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
Affected Versions
Gladinet / Triofox
0 < 17.3.10565.57509