1. Home
  2. Vulnerabilities
  3. CVE-2025-9290
6.0
MEDIUM CVSS 4.0
CVE-2025-9290
Authentication Weakness on Omada Controllers, Gateways and Access Points
Overview
Description

An authentication weakness was identified in Omada Controllers, Gateways and Access Points, controller-device adoption due to improper handling of random values. Exploitation requires advanced network positioning and allows an attacker to intercept adoption traffic and forge valid authentication through offline precomputation, potentially exposing sensitive information and compromising confidentiality.

Details
INFO

Published Date :

Jan. 23, 2026, 12:15 a.m.

Last Modified :

March 16, 2026, 6:07 p.m.

Remotely Exploit :

No

Source :

f23511db-6c3e-4e32-a477-6aa17d310630
Impact
Affected Products

The following products are affected by CVE-2025-9290 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Tp-link omada_controller
2 Tp-link er7206_firmware
3 Tp-link er7206
4 Tp-link er8411_firmware
5 Tp-link er8411
6 Tp-link er7412-m2_firmware
7 Tp-link er7412-m2
8 Tp-link er707-m2_firmware
9 Tp-link er707-m2
10 Tp-link er605_firmware
11 Tp-link er605
12 Tp-link er706w_firmware
13 Tp-link er706w
14 Tp-link er706w-4g_firmware
15 Tp-link er706w-4g
16 Tp-link er7212pc_firmware
17 Tp-link er7212pc
18 Tp-link fr365_firmware
19 Tp-link fr365
20 Tp-link oc200_firmware
21 Tp-link oc200
22 Tp-link oc220_firmware
23 Tp-link oc220
24 Tp-link oc300_firmware
25 Tp-link oc300
26 Tp-link oc400_firmware
27 Tp-link oc400
28 Tp-link er7406_firmware
29 Tp-link er7406
30 Tp-link er706wp-4g_firmware
31 Tp-link er706wp-4g
32 Tp-link er703wp-4g-outdoor_firmware
33 Tp-link er703wp-4g-outdoor
34 Tp-link dr3220v-4g_firmware
35 Tp-link dr3220v-4g
36 Tp-link dr3650v-4g_firmware
37 Tp-link dr3650v-4g
38 Tp-link dr3650v_firmware
39 Tp-link dr3650v
40 Tp-link er701-5g-outdoor_firmware
41 Tp-link er701-5g-outdoor
42 Tp-link er605w_firmware
43 Tp-link er605w
44 Tp-link g36w-4g_firmware
45 Tp-link g36w-4g
46 Tp-link eap655-wall_firmware
47 Tp-link eap655-wall
48 Tp-link eap660_hd_firmware
49 Tp-link eap660_hd
50 Tp-link eap620_hd_firmware
51 Tp-link eap620_hd
52 Tp-link eap610-outdoor_firmware
53 Tp-link eap610-outdoor
54 Tp-link eap610_firmware
55 Tp-link eap610
56 Tp-link eap623-outdoor_hd_firmware
57 Tp-link eap623-outdoor_hd
58 Tp-link eap625-outdoor_hd_firmware
59 Tp-link eap625-outdoor_hd
60 Tp-link eap772_firmware
61 Tp-link eap772
62 Tp-link eap772-outdoor_firmware
63 Tp-link eap772-outdoor
64 Tp-link eap770_firmware
65 Tp-link eap770
66 Tp-link eap723_firmware
67 Tp-link eap723
68 Tp-link eap773_firmware
69 Tp-link eap773
70 Tp-link eap783_firmware
71 Tp-link eap783
72 Tp-link eap787_firmware
73 Tp-link eap787
74 Tp-link eap720_firmware
75 Tp-link eap720
76 Tp-link eap725-wall_firmware
77 Tp-link eap725-wall
78 Tp-link eap215_bridge_kit_firmware
79 Tp-link eap215_bridge_kit
80 Tp-link eap211_bridge_kit_firmware
81 Tp-link eap211_bridge_kit
82 Tp-link beam_bridge_5_ur_firmware
83 Tp-link beam_bridge_5_ur
84 Tp-link eap603gp-desktop_firmware
85 Tp-link eap603gp-desktop
86 Tp-link eap615gp-wall_firmware
87 Tp-link eap615gp-wall
88 Tp-link eap625gp-wall_firmware
89 Tp-link eap625gp-wall
90 Tp-link eap610gp-desktop_firmware
91 Tp-link eap610gp-desktop
92 Tp-link eap650gp-desktop_firmware
93 Tp-link eap650gp-desktop
94 Tp-link eap653_firmware
95 Tp-link eap653
96 Tp-link eap650-outdoor_firmware
97 Tp-link eap650-outdoor
98 Tp-link eap230-wall_firmware
99 Tp-link eap230-wall
100 Tp-link eap235-wall_firmware
101 Tp-link eap235-wall
102 Tp-link eap603-outdoor_firmware
103 Tp-link eap603-outdoor
104 Tp-link eap653_ur_firmware
105 Tp-link eap653_ur
106 Tp-link eap650-desktop_firmware
107 Tp-link eap650-desktop
108 Tp-link eap615-wall_firmware
109 Tp-link eap615-wall
110 Tp-link eap100-bridge_kit_firmware
111 Tp-link eap100-bridge_kit
: Total Affected Vendor : 1 | Products : 111
Scoring
CVSS Scores
The Common Vulnerability Scoring System is a standardized framework for assessing the severity of vulnerabilities in software and systems. We collect and displays CVSS scores from various sources for each CVE.
Score Version Severity Vector Exploitability Score Impact Score Source
CVSS 3.1 MEDIUM [email protected]
CVSS 4.0 MEDIUM f23511db-6c3e-4e32-a477-6aa17d310630
CVSS 4.0 MEDIUM f23511db-6c3e-4e32-a477-6aa17d310630
Solution
Address authentication weakness in Omada devices by updating firmware and implementing secure random value handling.
  • Update Omada Controller, Gateway, and Access Point firmware.
  • Ensure proper handling of random values during device adoption.
  • Review and enhance authentication mechanisms for device onboarding.
  • Monitor network traffic for suspicious adoption attempts.
References
References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2025-9290.

URL Resource
https://support.omadanetworks.com/en/download/ Product
https://support.omadanetworks.com/us/document/114950/ Vendor Advisory
https://support.omadanetworks.com/us/download/ Product
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2025-9290 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2025-9290 weaknesses.

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2025-9290 vulnerability anywhere in the article.

Results are limited to the first 20 news articles due to potential performance issues.

The following table lists the changes that have been made to the CVE-2025-9290 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • Initial Analysis by [email protected]

    Mar. 16, 2026

    Action Type Old Value New Value
    Added CVSS V3.1 AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
    Added CWE NVD-CWE-noinfo
    Added CPE Configuration OR *cpe:2.3:a:tp-link:omada_controller:*:*:*:*:-:*:*:* versions up to (excluding) 6.0.0.24 *cpe:2.3:a:tp-link:omada_controller:*:*:*:*:cloud:*:*:* versions up to (excluding) 6.0.0.100
    Added CPE Configuration AND OR *cpe:2.3:o:tp-link:oc200_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.37.9 OR cpe:2.3:h:tp-link:oc200:1:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:tp-link:oc220_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.1.3 OR cpe:2.3:h:tp-link:oc220:1:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:tp-link:oc300_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.31.9 OR cpe:2.3:h:tp-link:oc300:1.6:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:tp-link:oc400_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.9.9 OR cpe:2.3:h:tp-link:oc400:1.6:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:tp-link:oc200_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2.22.9 OR cpe:2.3:h:tp-link:oc200:2:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:tp-link:oc220_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:tp-link:oc220:2:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:tp-link:er605_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2.3.2 OR cpe:2.3:h:tp-link:er605:2.0:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:tp-link:er7206_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2.2.2 OR cpe:2.3:h:tp-link:er7206:2.0:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:tp-link:er7406_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.2.2 OR cpe:2.3:h:tp-link:er7406:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:tp-link:er707-m2_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.3.1 OR cpe:2.3:h:tp-link:er707-m2:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:tp-link:er7412-m2_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.1.0 OR cpe:2.3:h:tp-link:er7412-m2:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:tp-link:er8411_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.3.5 OR cpe:2.3:h:tp-link:er8411:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:tp-link:er706w_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.2.1 OR cpe:2.3:h:tp-link:er706w:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:tp-link:er706w-4g_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.2.1 OR cpe:2.3:h:tp-link:er706w-4g:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:tp-link:er706wp-4g_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.1.0 OR cpe:2.3:h:tp-link:er706wp-4g:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:tp-link:er703wp-4g-outdoor_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.1.0 OR cpe:2.3:h:tp-link:er703wp-4g-outdoor:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:tp-link:dr3220v-4g_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.1.0 OR cpe:2.3:h:tp-link:dr3220v-4g:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:tp-link:dr3650v-4g_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.1.0 OR cpe:2.3:h:tp-link:dr3650v-4g:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:tp-link:dr3650v_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.1.0 OR cpe:2.3:h:tp-link:dr3650v:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:tp-link:er701-5g-outdoor_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.0.0 OR cpe:2.3:h:tp-link:er701-5g-outdoor:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:tp-link:er605w_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2.0.2 OR cpe:2.3:h:tp-link:er605w:2.0:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:tp-link:er7212pc_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2.2.1 OR cpe:2.3:h:tp-link:er7212pc:2.0:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:tp-link:fr365_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.1.10 OR cpe:2.3:h:tp-link:fr365:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:tp-link:g36w-4g_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.1.5 OR cpe:2.3:h:tp-link:g36w-4g:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:tp-link:eap655-wall_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.6.2 OR cpe:2.3:h:tp-link:eap655-wall:1.0:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:tp-link:eap660_hd_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.6.1 OR cpe:2.3:h:tp-link:eap660_hd:1.0:*:*:*:*:*:*:* cpe:2.3:h:tp-link:eap660_hd:2.0:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:tp-link:eap620_hd_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.6.1 OR cpe:2.3:h:tp-link:eap620_hd:3.0:*:*:*:*:*:*:* cpe:2.3:h:tp-link:eap620_hd:3.20:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:tp-link:eap610-outdoor_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.6.1 OR cpe:2.3:h:tp-link:eap610-outdoor:1.0:*:*:*:*:*:*:* cpe:2.3:h:tp-link:eap610-outdoor:1.20:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:tp-link:eap610_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.6.1 OR cpe:2.3:h:tp-link:eap610:1.0:*:*:*:*:*:*:* cpe:2.3:h:tp-link:eap610:2.0:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:tp-link:eap623-outdoor_hd_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.6.1 OR cpe:2.3:h:tp-link:eap623-outdoor_hd:1.0:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:tp-link:eap625-outdoor_hd_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.6.1 OR cpe:2.3:h:tp-link:eap625-outdoor_hd:1.0:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:tp-link:eap772_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.3.2 OR cpe:2.3:h:tp-link:eap772:2.0:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:tp-link:eap772-outdoor_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.3.2 OR cpe:2.3:h:tp-link:eap772-outdoor:1.0:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:tp-link:eap770_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.3.2 OR cpe:2.3:h:tp-link:eap770:2.0:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:tp-link:eap723_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.3.2 OR cpe:2.3:h:tp-link:eap723:1.0:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:tp-link:eap773_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.1.2 OR cpe:2.3:h:tp-link:eap773:1.0:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:tp-link:eap783_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.1.2 OR cpe:2.3:h:tp-link:eap783:1.0:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:tp-link:eap772_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.1.2 OR cpe:2.3:h:tp-link:eap772:1.0:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:tp-link:eap787_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.1.2 OR cpe:2.3:h:tp-link:eap787:1.0:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:tp-link:eap720_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.1.2 OR cpe:2.3:h:tp-link:eap720:1.0:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:tp-link:eap723_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.1.2 OR cpe:2.3:h:tp-link:eap723:2.0:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:tp-link:eap725-wall_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.1.2 OR cpe:2.3:h:tp-link:eap725-wall:1.0:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:tp-link:eap215_bridge_kit_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.1.4 OR cpe:2.3:h:tp-link:eap215_bridge_kit:3.0:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:tp-link:eap211_bridge_kit_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.1.4 OR cpe:2.3:h:tp-link:eap211_bridge_kit:3.0:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:tp-link:beam_bridge_5_ur_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.1.5 OR cpe:2.3:h:tp-link:beam_bridge_5_ur:1.0:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:tp-link:eap603gp-desktop_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.1.0 OR cpe:2.3:h:tp-link:eap603gp-desktop:1.0:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:tp-link:eap615gp-wall_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.1.0 OR cpe:2.3:h:tp-link:eap615gp-wall:1.0:*:*:*:*:*:*:* cpe:2.3:h:tp-link:eap615gp-wall:1.20:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:tp-link:eap625gp-wall_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.1.0 OR cpe:2.3:h:tp-link:eap625gp-wall:1.0:*:*:*:*:*:*:* cpe:2.3:h:tp-link:eap625gp-wall:1.20:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:tp-link:eap610gp-desktop_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.1.0 OR cpe:2.3:h:tp-link:eap610gp-desktop:1.0:*:*:*:*:*:*:* cpe:2.3:h:tp-link:eap610gp-desktop:1.20:*:*:*:*:*:*:* cpe:2.3:h:tp-link:eap610gp-desktop:1.26:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:tp-link:eap650gp-desktop_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.0.1 OR cpe:2.3:h:tp-link:eap650gp-desktop:1.0:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:tp-link:eap653_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.3.3 OR cpe:2.3:h:tp-link:eap653:1.0:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:tp-link:eap650-outdoor_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.3.3 OR cpe:2.3:h:tp-link:eap650-outdoor:1.0:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:tp-link:eap230-wall_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 3.3.1 OR cpe:2.3:h:tp-link:eap230-wall:1.0:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:tp-link:eap235-wall_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 3.3.1 OR cpe:2.3:h:tp-link:eap235-wall:1.0:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:tp-link:eap603-outdoor_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.5.1 OR cpe:2.3:h:tp-link:eap603-outdoor:1.0:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:tp-link:eap653_ur_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.4.2 OR cpe:2.3:h:tp-link:eap653_ur:1.0:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:tp-link:eap650-desktop_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.1.0 OR cpe:2.3:h:tp-link:eap650-desktop:1.0:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:tp-link:eap615-wall_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.1.0 OR cpe:2.3:h:tp-link:eap615-wall:1.0:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:tp-link:eap100-bridge_kit_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.0.3 OR cpe:2.3:h:tp-link:eap100-bridge_kit:1.0:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:tp-link:er706w-4g_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2.1.0 OR cpe:2.3:h:tp-link:er706w-4g:2.0:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:a:tp-link:omada_controller:*:*:*:*:-:*:*:* versions up to (excluding) 6.0.0.34 OR cpe:2.3:h:tp-link:oc200:1:*:*:*:*:*:*:* cpe:2.3:h:tp-link:oc200:2:*:*:*:*:*:*:* cpe:2.3:h:tp-link:oc300:1.6:*:*:*:*:*:*:* cpe:2.3:h:tp-link:oc400:1.6:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:a:tp-link:omada_controller:*:*:*:*:-:*:*:* versions up to (excluding) 5.15.24 OR cpe:2.3:h:tp-link:oc220:1:*:*:*:*:*:*:* cpe:2.3:h:tp-link:oc220:2:*:*:*:*:*:*:*
    Added Reference Type TPLink: https://support.omadanetworks.com/en/download/ Types: Product
    Added Reference Type TPLink: https://support.omadanetworks.com/us/document/114950/ Types: Vendor Advisory
    Added Reference Type TPLink: https://support.omadanetworks.com/us/download/ Types: Product
  • New CVE Received by f23511db-6c3e-4e32-a477-6aa17d310630

    Jan. 23, 2026

    Action Type Old Value New Value
    Added Description An authentication weakness was identified in Omada Controllers, Gateways and Access Points, controller-device adoption due to improper handling of random values. Exploitation requires advanced network positioning and allows an attacker to intercept adoption traffic and forge valid authentication through offline precomputation, potentially exposing sensitive information and compromising confidentiality.
    Added CVSS V4.0 AV:A/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
    Added CWE CWE-760
    Added Reference https://support.omadanetworks.com/en/download/
    Added Reference https://support.omadanetworks.com/us/document/114950/
    Added Reference https://support.omadanetworks.com/us/download/
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
CVSS
Vulnerability Scoring Details
Base CVSS Score: 6
Attack Vector
Attack Complexity
Attack Requirements
Privileges Required
User Interaction
VS Confidentiality
VS Integrity
VS Availability
SS Confidentiality
SS Integrity
SS Availability
Base CVSS Score: 5.9
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact