CVE-2025-9290

EPSS 0.03%
Veröffentlicht 22.01.2026 23:14:45
Zuletzt bearbeitet 16.03.2026 18:07:14
Quelle f23511db-6c3e-4e32-a477-6aa17d
CVE-Watchlists
Login
Unerledigt
Login

An authentication weakness was identified in Omada Controllers, Gateways and Access Points, controller-device adoption due to improper handling of random values. Exploitation requires advanced network positioning and allows an attacker to intercept adoption traffic and forge valid authentication through offline precomputation, potentially exposing sensitive information and compromising confidentiality.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 6

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Tp-link ≫ Omada Controller SwEdition- Version < 6.0.0.24

Tp-link ≫ Omada Controller SwEditioncloud Version < 6.0.0.100

Tp-link ≫ Oc200 Firmware Version < 1.37.9

Tp-link ≫ Oc200 Version1

Tp-link ≫ Oc220 Firmware Version < 1.1.3

Tp-link ≫ Oc220 Version1

Tp-link ≫ Oc300 Firmware Version < 1.31.9

Tp-link ≫ Oc300 Version1.6

Tp-link ≫ Oc400 Firmware Version < 1.9.9

Tp-link ≫ Oc400 Version1.6

Tp-link ≫ Oc200 Firmware Version < 2.22.9

Tp-link ≫ Oc200 Version2

Tp-link ≫ Oc220 Firmware Version-

Tp-link ≫ Oc220 Version2

Tp-link ≫ Er605 Firmware Version < 2.3.2

Tp-link ≫ Er605 Version2.0

Tp-link ≫ Er7206 Firmware Version < 2.2.2

Tp-link ≫ Er7206 Version2.0

Tp-link ≫ Er7406 Firmware Version < 1.2.2

Tp-link ≫ Er7406 Version-

Tp-link ≫ Er707-m2 Firmware Version < 1.3.1

Tp-link ≫ Er707-m2 Version-

Tp-link ≫ Er7412-m2 Firmware Version < 1.1.0

Tp-link ≫ Er7412-m2 Version-

Tp-link ≫ Er8411 Firmware Version < 1.3.5

Tp-link ≫ Er8411 Version-

Tp-link ≫ Er706w Firmware Version < 1.2.1

Tp-link ≫ Er706w Version-

Tp-link ≫ Er706w-4g Firmware Version < 1.2.1

Tp-link ≫ Er706w-4g Version-

Tp-link ≫ Er706wp-4g Firmware Version < 1.1.0

Tp-link ≫ Er706wp-4g Version-

Tp-link ≫ Er703wp-4g-outdoor Firmware Version < 1.1.0

Tp-link ≫ Er703wp-4g-outdoor Version-

Tp-link ≫ Dr3220v-4g Firmware Version < 1.1.0

Tp-link ≫ Dr3220v-4g Version-

Tp-link ≫ Dr3650v-4g Firmware Version < 1.1.0

Tp-link ≫ Dr3650v-4g Version-

Tp-link ≫ Dr3650v Firmware Version < 1.1.0

Tp-link ≫ Dr3650v Version-

Tp-link ≫ Er701-5g-outdoor Firmware Version < 1.0.0

Tp-link ≫ Er701-5g-outdoor Version-

Tp-link ≫ Er605w Firmware Version < 2.0.2

Tp-link ≫ Er605w Version2.0

Tp-link ≫ Er7212pc Firmware Version < 2.2.1

Tp-link ≫ Er7212pc Version2.0

Tp-link ≫ Fr365 Firmware Version < 1.1.10

Tp-link ≫ Fr365 Version-

Tp-link ≫ G36w-4g Firmware Version < 1.1.5

Tp-link ≫ G36w-4g Version-

Tp-link ≫ Eap655-wall Firmware Version < 1.6.2

Tp-link ≫ Eap655-wall Version1.0

Tp-link ≫ Eap660 Hd Firmware Version < 1.6.1

Tp-link ≫ Eap660 Hd Version1.0
Tp-link ≫ Eap660 Hd Version2.0

Tp-link ≫ Eap620 Hd Firmware Version < 1.6.1

Tp-link ≫ Eap620 Hd Version3.0
Tp-link ≫ Eap620 Hd Version3.20

Tp-link ≫ Eap610-outdoor Firmware Version < 1.6.1

Tp-link ≫ Eap610-outdoor Version1.0
Tp-link ≫ Eap610-outdoor Version1.20

Tp-link ≫ Eap610 Firmware Version < 1.6.1

Tp-link ≫ Eap610 Version1.0
Tp-link ≫ Eap610 Version2.0

Tp-link ≫ Eap623-outdoor Hd Firmware Version < 1.6.1

Tp-link ≫ Eap623-outdoor Hd Version1.0

Tp-link ≫ Eap625-outdoor Hd Firmware Version < 1.6.1

Tp-link ≫ Eap625-outdoor Hd Version1.0

Tp-link ≫ Eap772 Firmware Version < 1.3.2

Tp-link ≫ Eap772 Version2.0

Tp-link ≫ Eap772-outdoor Firmware Version < 1.3.2

Tp-link ≫ Eap772-outdoor Version1.0

Tp-link ≫ Eap770 Firmware Version < 1.3.2

Tp-link ≫ Eap770 Version2.0

Tp-link ≫ Eap723 Firmware Version < 1.3.2

Tp-link ≫ Eap723 Version1.0

Tp-link ≫ Eap773 Firmware Version < 1.1.2

Tp-link ≫ Eap773 Version1.0

Tp-link ≫ Eap783 Firmware Version < 1.1.2

Tp-link ≫ Eap783 Version1.0

Tp-link ≫ Eap772 Firmware Version < 1.1.2

Tp-link ≫ Eap772 Version1.0

Tp-link ≫ Eap787 Firmware Version < 1.1.2

Tp-link ≫ Eap787 Version1.0

Tp-link ≫ Eap720 Firmware Version < 1.1.2

Tp-link ≫ Eap720 Version1.0

Tp-link ≫ Eap723 Firmware Version < 1.1.2

Tp-link ≫ Eap723 Version2.0

Tp-link ≫ Eap725-wall Firmware Version < 1.1.2

Tp-link ≫ Eap725-wall Version1.0

Tp-link ≫ Eap215 Bridge Kit Firmware Version < 1.1.4

Tp-link ≫ Eap215 Bridge Kit Version3.0

Tp-link ≫ Eap211 Bridge Kit Firmware Version < 1.1.4

Tp-link ≫ Eap211 Bridge Kit Version3.0

Tp-link ≫ Beam Bridge 5 Ur Firmware Version < 1.1.5

Tp-link ≫ Beam Bridge 5 Ur Version1.0

Tp-link ≫ Eap603gp-desktop Firmware Version < 1.1.0

Tp-link ≫ Eap603gp-desktop Version1.0

Tp-link ≫ Eap615gp-wall Firmware Version < 1.1.0

Tp-link ≫ Eap615gp-wall Version1.0
Tp-link ≫ Eap615gp-wall Version1.20

Tp-link ≫ Eap625gp-wall Firmware Version < 1.1.0

Tp-link ≫ Eap625gp-wall Version1.0
Tp-link ≫ Eap625gp-wall Version1.20

Tp-link ≫ Eap610gp-desktop Firmware Version < 1.1.0

   Tp-link ≫ Eap610gp-desktop Version1.0
   Tp-link ≫ Eap610gp-desktop Version1.20
   Tp-link ≫ Eap610gp-desktop Version1.26

Tp-link ≫ Eap650gp-desktop Firmware Version < 1.0.1

Tp-link ≫ Eap650gp-desktop Version1.0

Tp-link ≫ Eap653 Firmware Version < 1.3.3

Tp-link ≫ Eap653 Version1.0

Tp-link ≫ Eap650-outdoor Firmware Version < 1.3.3

Tp-link ≫ Eap650-outdoor Version1.0

Tp-link ≫ Eap230-wall Firmware Version < 3.3.1

Tp-link ≫ Eap230-wall Version1.0

Tp-link ≫ Eap235-wall Firmware Version < 3.3.1

Tp-link ≫ Eap235-wall Version1.0

Tp-link ≫ Eap603-outdoor Firmware Version < 1.5.1

Tp-link ≫ Eap603-outdoor Version1.0

Tp-link ≫ Eap653 Ur Firmware Version < 1.4.2

Tp-link ≫ Eap653 Ur Version1.0

Tp-link ≫ Eap650-desktop Firmware Version < 1.1.0

Tp-link ≫ Eap650-desktop Version1.0

Tp-link ≫ Eap615-wall Firmware Version < 1.1.0

Tp-link ≫ Eap615-wall Version1.0

Tp-link ≫ Eap100-bridge Kit Firmware Version < 1.0.3

Tp-link ≫ Eap100-bridge Kit Version1.0

Tp-link ≫ Er706w-4g Firmware Version < 2.1.0

Tp-link ≫ Er706w-4g Version2.0

Tp-link ≫ Omada Controller SwEdition- Version < 6.0.0.34

   Tp-link ≫ Oc200 Version1
   Tp-link ≫ Oc200 Version2
   Tp-link ≫ Oc300 Version1.6
   Tp-link ≫ Oc400 Version1.6

Tp-link ≫ Omada Controller SwEdition- Version < 5.15.24

Tp-link ≫ Oc220 Version1
Tp-link ≫ Oc220 Version2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.069

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.9	2.2	3.6	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
f23511db-6c3e-4e32-a477-6aa17d310630	6	0	0	CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CWE-760 Use of a One-Way Hash with a Predictable Salt

The product uses a one-way cryptographic hash against an input that should not be reversible, such as a password, but the product uses a predictable salt as part of the input.

https://support.omadanetworks.com/us/download/

Product

https://support.omadanetworks.com/us/document/114950/

Vendor Advisory

https://support.omadanetworks.com/en/download/

Product

https://nvd.nist.gov/vuln/detail/CVE-2025-9290

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-9290

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-9290

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2025-9290