- EPSS 0.02%
- Veröffentlicht 22.01.2026 23:14:45
- Zuletzt bearbeitet 26.01.2026 15:04:14
An authentication weakness was identified in Omada Controllers, Gateways and Access Points, controller-device adoption due to improper handling of random values. Exploitation requires advanced network positioning and allows an attacker to intercept a...
CVE-2025-9289
- EPSS 0.05%
- Veröffentlicht 22.01.2026 21:48:35
- Zuletzt bearbeitet 26.01.2026 15:04:14
A Cross-Site Scripting (XSS) vulnerability was identified in a parameter in Omada Controllers due to improper input sanitization. Exploitation requires advanced conditions, such as network positioning or emulating a trusted entity, and user interacti...
CVE-2021-44032
- EPSS 0.4%
- Veröffentlicht 10.03.2022 17:44:13
- Zuletzt bearbeitet 21.11.2024 06:30:15
TP-Link Omada SDN Software Controller before 5.0.15 does not check if the authentication method specified in a connection request is allowed. An attacker can bypass the captive portal authentication process by using the downgraded "no authentication"...