Triofox Flaw

Vulnerability in Triofox file-sharing platform

Mandiant Warns of Active Exploitation of Critical Triofox Flaw Allowing Remote Access

Nov 11, 2025

—

by

Reza Rafati

in Cyber News & Updates

Mandiant warns of active exploitation of a critical Triofox flaw (CVE-2025-12480) allowing remote code execution, with threat actors UNC6485 bypassing authentication to compromise systems.