CVE-2025-9522 Blind Server-Side Request Forgery (SSRF) in Omada Controller

Blind Server-Side Request Forgery SSRF in Omada Controllers through webhook functionality, enabling crafted requests to internal services, which may lead to enumeration of information...

EUVD-2025-206347

Blind Server-Side Request Forgery SSRF in Omada Controllers through webhook functionality, enabling crafted requests to internal services, which may lead to enumeration of information...

CVE-2025-9522

Technical details about CVE-2025-9522 are not publicly provided in the supplied documents; no affected versions or remediation are disclosed. Monitor for updates.

CVE-2025-9522 Blind Server-Side Request Forgery (SSRF) in Omada Controller

Blind Server-Side Request Forgery SSRF in Omada Controllers through webhook functionality, enabling crafted requests to internal services, which may lead to enumeration of information...

CVE-2025-9521

CVE-2025-9521 concerns a Password Confirmation Bypass in Omada Controllers. The trusted-source documents indicate that an attacker with a valid session token can bypass secondary verification and change a user’s password without proper confirmation, weakening account security. Affected product is...

CVE-2025-9521 Password Confirmation Bypass in Omada Controller

Password Confirmation Bypass vulnerability in Omada Controllers, allowing an attacker with a valid session token to bypass secondary verification, and change the user’s password without proper confirmation, leading to weakened account security...

CVE-2025-9521 Password Confirmation Bypass in Omada Controller

Password Confirmation Bypass vulnerability in Omada Controllers, allowing an attacker with a valid session token to bypass secondary verification, and change the user’s password without proper confirmation, leading to weakened account security...

CVE-2025-9520

Technical details (affected products, specific component, root cause, versions, or exploits) are not publicly provided in the connected documents. Monitor for updates from vendors and security advisories.

CVE-2025-9520 IDOR Leading to Owner Account Hijacking in Omada Controller

An IDOR vulnerability exists in Omada Controllers that allows an attacker with Administrator permissions to manipulate requests and potentially hijack the Owner account...

CVE-2025-9520 IDOR Leading to Owner Account Hijacking in Omada Controller

An IDOR vulnerability exists in Omada Controllers that allows an attacker with Administrator permissions to manipulate requests and potentially hijack the Owner account...

PT-2026-4810

Name of the Vulnerable Software and Affected Versions Omada Controllers affected versions not specified Description A flaw exists in Omada Controllers related to the webhook functionality, allowing for Blind Server-Side Request Forgery SSRF. This issue enables crafted requests to be sent to...

PT-2026-4284

Name of the Vulnerable Software and Affected Versions Omada Controllers affected versions not specified Description A Cross-Site Scripting XSS issue exists in a parameter within Omada Controllers because of insufficient input sanitization. Successful exploitation requires specific conditions,...

EUVD-2018-2243

Malware in sbrugna...

EUVD-2018-2242

Malware in sbrugna...

TP-Link Omada Controller Software Licensing Issue Vulnerability

TP-Link Omada Controller Software is a set of software from Tp-link that supports the management of wireless access points.TP-Link Omada Controller Software versions prior to 5.0.15 are vulnerable to authorization issues, which stem from a lack of authentication measures or insufficient...

TP-LINK Omada Controller Software 安全漏洞

TP-Link Omada Controller Software is a set of software from Tp-link that supports the management of wireless access points.TP-Link Omada Controller Software versions prior to 5.0.15 are vulnerable to authorization issues, which stem from a lack of authentication measures or insufficient...

TP-Link Omada Controller Software Path Traversal Vulnerability

TP-Link Omada Controller Software is a suite of software from China P&L TP-Link that supports the management of wireless access points. A path traversal vulnerability exists in TP-Link Omada Controller Software version 3.2.6. An attacker can exploit this vulnerability to read arbitrary files with...

CVE-2020-12475

TP-Link Omada Controller Software 3.2.6 allows Directory Traversal for reading arbitrary files via com.tplink.eap.web.portal.PortalController.getAdvertiseFile in /opt/tplink/EAPController/lib/eap-web-3.2.6.jar...

Directory traversal

TP-Link Omada Controller Software 3.2.6 allows Directory Traversal for reading arbitrary files via com.tplink.eap.web.portal.PortalController.getAdvertiseFile in /opt/tplink/EAPController/lib/eap-web-3.2.6.jar...

CVE-2020-12475

The connected sources confirm a concrete vulnerability in TP-Link Omada Controller Software 3.2.6: a directory traversal flaw in com.tp_link.eap.web.portal.PortalController.getAdvertiseFile within /opt/tplink/EAPController/lib/eap-web-3.2.6.jar allows reading arbitrary files. This is a local atta...