Home

Description

A command injection vulnerability may be exploited after the admin's authentication on the web portal on Omada gateways.

PUBLISHED Reserved 2025-07-18 | Published 2025-10-21 | Updated 2025-10-24 | Assigner TPLink




CRITICAL: 9.3CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:H

Problem types

CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Product status

Default status
unknown

Any version before ER8411 1.3.3, ER7412-M2 1.1.0, ER707-M2 1.3.1, ER7206 2.2.2, ER605 2.3.1, ER706W 1.2.1, ER706W-4G 1.2.1, ER7212PC 2.1.3
affected

Default status
unaffected

Any version before FR365 1.1.10, FR205 1.0.3, FR307 1.2.5
affected

Default status
unaffected

Any version before G36 1.1.4, G611 1.2.2
affected

Credits

Stanislav Dashevskyi and Francesco La Spina of Forescout finder

References

support.omadanetworks.com/en/document/108456/ vendor-advisory

www.omadanetworks.com/...siness-networking/all-omada-router/ product

www.omadanetworks.com/...king/omada-pro-router-wired-router/ product

www.tp-link.com/us/business-networking/soho-festa-gateway/ product

www.forescout.com/...rabilities-a-primer-on-rooting-routers/

cve.org (CVE-2025-7850)

nvd.nist.gov (CVE-2025-7850)

Download JSON