Description
An authentication weakness was identified in controller-device adoption for Omada Controllers, Gateways and Access Points, due to improper handling of random values. Exploitation requires advanced network positioning and allows an attacker to intercept adoption traffic and forge valid authentication through offline precomputation, potentially exposing sensitive information and compromising confidentiality.
Problem types
CWE-760 Use of a One-Way Hash with a Predictable Salt
Product status
Any version before 6.0.0.24
Any version before 6.0.0.100
Any version before 6.0.0.34
Any version before 5.15.24
Any version before 2.3.2 Build 20251029 Rel.12727
Any version before 2.2.2 Build 20250724 Rel.11109
Any version before 1.2.x
Any version before 1.3.x
Any version before 1.1.0
Any version before 1.3.5 Build 20251028 Rel.06811
Any version before 2.1.0 Build 20250810 Rel.77020
Any version before 1.0.0 Build 20250826 Rel.68862
Any version before 2.0.2 Build 20250723 Rel.39048
Any version before 2.2.1 Build 20251027 Rel.75129
Any version before 1.1.10 Build 20250626 Rel.81746
Any version before 1.1.5 Build 20250710 Rel.62142
Any version before 1.6.1
Any version before 1.6.2 Build 20251107 Rel.35700
Any version before 1.1.2
Any version before 1.3.2 Build 20250901 Rel.52255
Any version before 1.1.4 Build 20251112 Rel.34769
Any version before 1.1.5 Build 20250928 Rel.68499
Any version before 1.1.0
Any version before 1.0.1 Build 20250819 Rel.60298
Any version before 1.3.3 Build 20251111 Rel.72627
Any version before 3.3.1 Build 20251203 Rel.58135
Any version before 1.5.1
Any version before 1.4.2 Build 20251208 Rel.43830
Any version before 1.5.10 Build 20250903 Rel.49784
Any version before 1.0.3 Build 20251015 Rel.62058
Credits
Stanislav Dashevskyi and Francesco La Spina of Forescout Technologies
References
support.omadanetworks.com/us/download/
support.omadanetworks.com/en/download/
support.omadanetworks.com/us/document/114950/