9.8

CVE-2025-7851

Medienbericht
An attacker may obtain the root shell on the underlying OS system with the restricted conditions on Omada gateways.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Tp-linkFr307-m2 Firmware Version < 1.2.5
   Tp-linkFr307-m2 Version-
Tp-linkFr307-m2 Firmware Version1.2.5 Update-
   Tp-linkFr307-m2 Version-
Tp-linkFr205 Firmware Version < 1.0.3
   Tp-linkFr205 Version-
Tp-linkFr205 Firmware Version1.0.3 Update-
   Tp-linkFr205 Version-
Tp-linkFr365 Firmware Version < 1.1.10
   Tp-linkFr365 Version-
Tp-linkFr365 Firmware Version1.1.10 Update-
   Tp-linkFr365 Version-
Tp-linkG611 Firmware Version < 1.2.2
   Tp-linkG611 Version-
Tp-linkG611 Firmware Version1.2.2 Update-
   Tp-linkG611 Version-
Tp-linkG36 Firmware Version < 1.1.4
   Tp-linkG36 Version-
Tp-linkG36 Firmware Version1.1.4 Update-
   Tp-linkG36 Version-
Tp-linkEr7212pc Firmware Version < 2.1.3
   Tp-linkEr7212pc Version-
Tp-linkEr7212pc Firmware Version2.1.3 Update-
   Tp-linkEr7212pc Version-
Tp-linkEr706w-4g Firmware Version < 1.2.1
   Tp-linkEr706w-4g Version-
Tp-linkEr706w-4g Firmware Version1.2.1 Update-
   Tp-linkEr706w-4g Version-
Tp-linkEr706w Firmware Version < 1.2.1
   Tp-linkEr706w Version-
Tp-linkEr706w Firmware Version1.2.1 Update-
   Tp-linkEr706w Version-
Tp-linkEr605 Firmware Version < 2.3.1
   Tp-linkEr605 Version-
Tp-linkEr605 Firmware Version2.3.1 Update-
   Tp-linkEr605 Version-
Tp-linkEr7206 Firmware Version < 2.2.2
   Tp-linkEr7206 Version-
Tp-linkEr7206 Firmware Version2.2.2 Update-
   Tp-linkEr7206 Version-
Tp-linkEr707-m2 Firmware Version < 1.3.1
   Tp-linkEr707-m2 Version-
Tp-linkEr707-m2 Firmware Version1.3.1 Update-
   Tp-linkEr707-m2 Version-
Tp-linkEr7412-m2 Firmware Version < 1.1.0
   Tp-linkEr7412-m2 Version-
Tp-linkEr7412-m2 Firmware Version1.1.0 Update-
   Tp-linkEr7412-m2 Version-
Tp-linkEr8411 Firmware Version < 1.3.3
   Tp-linkEr8411 Version-
Tp-linkEr8411 Firmware Version1.3.3 Update-
   Tp-linkEr8411 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.06% 0.171
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.8 3.9 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
f23511db-6c3e-4e32-a477-6aa17d310630 8.7 0 0
CVSS:4.0/AV:A/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
CWE-269 Improper Privilege Management

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.