CVE-2018-10168
TP-Link EAP Controller and Omada Controller versions 2.5.4_Windows/2.6.0_Windows do not control privileges for usage of the Web API, allowing a low-privilege user to make any request as an Administrator. This is fixed in version 2.6.1_Windows...
CVE-2018-10166
CVE-2018-10166 affects TP-Link EAP Controller and Omada Controller (versions 2.5.4_Windows / 2.6.0_Windows). The web management interface has no anti-CSRF tokens in its forms, so an authenticated user who visits an attacker-controlled page can be made to submit state-changing requests without knowing it. Core Security's advisory includes PoCs: ability...
CVE-2018-10166
The web management interface in the TP-Link EAP Controller and Omada Controller versions 2.5.4_Windows/2.6.0_Windows does not have anti-CSRF tokens in any forms. This would allow an attacker to submit authenticated requests when an authenticated user browses an attacker-controlled domain. This is fix...
CVE-2018-10164
Stored cross-site scripting (XSS) vulnerability in the TP-Link EAP Controller and Omada Controller versions 2.5.4_Windows/2.6.0_Windows allows authenticated attackers to inject arbitrary web script or HTML via the implementation of the portalPictureUpload functionality. This is fixed in version...
CVE-2018-10168
CVE-2018-10168 affects TP-Link EAP Controller and Omada Controller (v2.5.4_Windows and v2.6.0_Windows). Its root cause is improper privilege management on the Web API: the server does not check the caller's role, so a low-privilege user can perform Administrator actions. The same Core Security advisory also covers the related CVE-2018-10167, a hard-coded key used to encrypt the backup file enabling decryption/m...
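The two web-layer defects described above, missing server-side authorization on the Web API (CVE-2018-10168) and state-changing forms with no anti-CSRF token (CVE-2018-10166), share one fix: the dispatcher has to decide both from the session it holds, not from what the client sends. The following is an added example, not TP-Link's code and not taken from the advisory; the route names, role names and the `_csrf` form field are hypothetical. It puts the vulnerable dispatch pattern next to a hardened one so the two checks can be seen rejecting the requests the advisories describe.

```python
"""Hypothetical controller Web API front door (example code, not TP-Link's)."""
import hmac
import secrets
from dataclasses import dataclass, field

ADMIN = "admin"
VIEWER = "viewer"
ROLE_RANK = {VIEWER: 0, ADMIN: 1}
STATE_CHANGING = {"POST", "PUT", "DELETE"}


@dataclass
class Session:
    """Server-side session; the framework resolves it from the session cookie."""
    username: str
    role: str
    # Synchronizer token: random per session, rendered into legitimate forms only.
    csrf_token: str = field(default_factory=lambda: secrets.token_urlsafe(32))


@dataclass
class Request:
    method: str
    path: str
    session: Session
    form: dict = field(default_factory=dict)


# Hypothetical endpoints: path -> (minimum role required, handler).
def _create_user(req):
    return {"status": 200, "created": req.form.get("userName")}


def _list_sites(req):
    return {"status": 200, "sites": ["default"]}


ROUTES = {
    "/api/user/create": (ADMIN, _create_user),
    "/api/sites": (VIEWER, _list_sites),
}


def dispatch_vulnerable(req):
    """Pattern the advisories describe: any authenticated session reaches any
    route, and a POST is accepted on the strength of the ambient cookie alone."""
    if req.path not in ROUTES:
        return {"status": 404}
    _, handler = ROUTES[req.path]
    return handler(req)


def dispatch_hardened(req):
    """Same routes, with per-request authorization and a CSRF token check."""
    if req.path not in ROUTES:
        return {"status": 404}
    required_role, handler = ROUTES[req.path]
    # 1. Authorization comes from the server-held session, never the client.
    if ROLE_RANK.get(req.session.role, -1) < ROLE_RANK[required_role]:
        return {"status": 403, "error": "insufficient privilege"}
    # 2. State-changing requests must echo the session-bound token. A cross-site
    #    page can make the browser send the cookie but cannot read this token.
    if req.method in STATE_CHANGING:
        submitted = req.form.get("_csrf", "").encode()
        if not hmac.compare_digest(submitted, req.session.csrf_token.encode()):
            return {"status": 403, "error": "missing or invalid CSRF token"}
    return handler(req)


def demo():
    """Returns status codes for the four cases the two CVEs are about."""
    admin = Session("admin", ADMIN)
    low = Session("guest", VIEWER)
    # Low-privilege user calls an Administrator-only endpoint (CVE-2018-10168).
    escalate = Request("POST", "/api/user/create", low, {"userName": "evil"})
    # Cross-site POST riding on the admin's cookie, no token (CVE-2018-10166).
    cross_site = Request("POST", "/api/user/create", admin, {"userName": "evil"})
    # Legitimate admin action from the real UI carries the session's token.
    legit = Request("POST", "/api/user/create", admin,
                    {"userName": "ops", "_csrf": admin.csrf_token})
    return (dispatch_vulnerable(escalate)["status"],   # 200: accepted
            dispatch_hardened(escalate)["status"],     # 403: role check
            dispatch_hardened(cross_site)["status"],   # 403: CSRF check
            dispatch_hardened(legit)["status"])        # 200


if __name__ == "__main__":
    print(demo())
```

The role table is checked on every request rather than only at login, and the CSRF comparison is constant-time; both checks run before the handler so a 404 for unknown paths never leaks which routes exist to which roles.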
CVE-2018-10164
Summary: CVE-2018-10164 is a stored XSS vulnerability in TP-Link EAP Controller and Omada Controller. Affected versions are 2.5.4_Windows and 2.6.0_Windows. The issue arises via portalPictureUpload, enabling an authenticated attacker to inject arbitrary web script/HTML. TP-Link fixed the flaw in ...
CVE-2018-10167
TP-Link EAP Controller and Omada Controller (Windows) versions 2.5.4_Windows and 2.6.0_Windows are affected by CVE-2018-10167 due to a hard-coded cryptographic key used to encrypt the web app backup file. A low-privilege user can decrypt and modify the backup to escalate privileges, including cre...
CVE-2018-10165
TP-Link EAP Controller/Omada Controller (Windows) versions 2.5.4_Windows and 2.6.0_Windows are affected by CVE-2018-10165 (stored XSS) via the userName field in local user creation. Related issues include CVE-2018-10166 (CSRF in Web UI), CVE-2018-10167 (backup decryptor with hard-coded key), CVE-...
CVE-2018-10165
Stored cross-site scripting (XSS) vulnerability in the TP-Link EAP Controller and Omada Controller versions 2.5.4_Windows/2.6.0_Windows allows authenticated attackers to inject arbitrary web script or HTML via the userName parameter in the local user creation functionality. This is fixed in version...
CVE-2018-10167
The web application backup file in the TP-Link EAP Controller and Omada Controller versions 2.5.4_Windows/2.6.0_Windows is encrypted with a hard-coded cryptographic key, so anyone who knows that key and the algorithm can decrypt it. A low-privilege user could decrypt and modify the backup file in...
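The backup weakness in CVE-2018-10167 is that a key compiled into the product protects nothing against someone who has the product: they decrypt, edit (for instance promote their own account), re-encrypt, and the restore path accepts the result. The added example below is not TP-Link's code and does not reproduce the product's format or key; `SHIPPED_KEY`, the `body.hextag` layout and the role names are hypothetical. It swaps the encryption for the control that actually matters on restore, an HMAC under a per-installation secret that never leaves the server, and shows the same forgery succeeding against a constant key and failing against a per-install one, with the Administrator check on restore kept in front of both.

```python
"""Hypothetical backup integrity protection (example code, not TP-Link's)."""
import hashlib
import hmac
import json
import secrets

# Stands in for a key compiled into a shipped binary. Not the product's real
# key; any fixed value known to every installation has the same weakness.
SHIPPED_KEY = b"example-constant-key-in-the-binary"


class Controller:
    def __init__(self, backup_key=None):
        # Hardened: fresh 256-bit secret per installation, held in protected
        # server config. Vulnerable pattern: pass the constant shipped in code.
        self._backup_key = backup_key or secrets.token_bytes(32)
        self.users = {"admin": "Administrator", "guest": "Viewer"}

    def _tag(self, body):
        return hmac.new(self._backup_key, body, hashlib.sha256).hexdigest().encode()

    def export_backup(self):
        body = json.dumps(self.users, sort_keys=True).encode()
        return body + b"." + self._tag(body)  # hypothetical layout: body.hextag

    def verify_backup(self, blob):
        body, sep, tag = blob.rpartition(b".")
        if not sep:
            return False
        return hmac.compare_digest(tag, self._tag(body))

    def restore_backup(self, blob, actor_role):
        # Restore is itself an Administrator action; check that first.
        if actor_role != "Administrator":
            return "denied: restore is an Administrator action"
        if not self.verify_backup(blob):
            return "rejected: integrity check failed"
        self.users = json.loads(blob.rpartition(b".")[0])
        return "restored"


def tamper(blob, key=None):
    """What a low-privilege user does with an exported backup: promote 'guest'.
    With the product's key in hand the tag is recomputed; without it the stale
    tag is the best that can be done."""
    body, _, old_tag = blob.rpartition(b".")
    users = json.loads(body)
    users["guest"] = "Administrator"
    new_body = json.dumps(users, sort_keys=True).encode()
    if key is None:
        return new_body + b"." + old_tag
    return new_body + b"." + hmac.new(key, new_body, hashlib.sha256).hexdigest().encode()


def demo():
    # Vulnerable: key is the same everywhere, so the forged backup verifies and,
    # once restored, the attacker's account is an Administrator.
    vulnerable = Controller(backup_key=SHIPPED_KEY)
    forged = tamper(vulnerable.export_backup(), key=SHIPPED_KEY)
    forged_ok = vulnerable.verify_backup(forged)            # True
    vulnerable.restore_backup(forged, "Administrator")
    promoted_role = vulnerable.users["guest"]               # "Administrator"

    # Hardened: per-install secret. Neither a stale tag nor a tag computed under
    # the guessed constant verifies, and a Viewer cannot invoke restore at all.
    hardened = Controller()
    stale = tamper(hardened.export_backup())
    guessed = tamper(hardened.export_backup(), key=SHIPPED_KEY)
    return (forged_ok,
            promoted_role,
            hardened.verify_backup(stale),                  # False
            hardened.verify_backup(guessed),                # False
            hardened.restore_backup(stale, "Viewer"),
            hardened.restore_backup(stale, "Administrator"),
            hardened.restore_backup(hardened.export_backup(), "Administrator"))


if __name__ == "__main__":
    print(demo())
```

If the backup must also be confidential (it may hold credentials), the encryption key should be derived the same way, from a per-installation secret or a passphrase the administrator supplies at export time, and the integrity tag should still be verified before anything is parsed.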