28 matches found
CVE-2025-9521
Password Confirmation Bypass vulnerability in Omada Controllers, allowing an attacker with a valid session token to bypass secondary verification, and change the user’s password without proper confirmation, leading to weakened account security...
CVE-2025-9520
An IDOR vulnerability exists in Omada Controllers that allows an attacker with Administrator permissions to manipulate requests and potentially hijack the Owner account...
CVE-2025-9522
Blind Server-Side Request Forgery SSRF in Omada Controllers through webhook functionality, enabling crafted requests to internal services, which may lead to enumeration of information...
CVE-2025-9522
Blind Server-Side Request Forgery SSRF in Omada Controllers through webhook functionality, enabling crafted requests to internal services, which may lead to enumeration of information...
CVE-2025-9522
Blind Server-Side Request Forgery SSRF in Omada Controllers through webhook functionality, enabling crafted requests to internal services, which may lead to enumeration of information...
CVE-2025-9521
Password Confirmation Bypass vulnerability in Omada Controllers, allowing an attacker with a valid session token to bypass secondary verification, and change the user’s password without proper confirmation, leading to weakened account security...
CVE-2025-9520
An IDOR vulnerability exists in Omada Controllers that allows an attacker with Administrator permissions to manipulate requests and potentially hijack the Owner account...
CVE-2025-9521
Password Confirmation Bypass vulnerability in Omada Controllers, allowing an attacker with a valid session token to bypass secondary verification, and change the user’s password without proper confirmation, leading to weakened account security...
CVE-2025-9520
An IDOR vulnerability exists in Omada Controllers that allows an attacker with Administrator permissions to manipulate requests and potentially hijack the Owner account...
CVE-2025-9522
Blind Server-Side Request Forgery SSRF in Omada Controllers through webhook functionality, enabling crafted requests to internal services, which may lead to enumeration of information...
CVE-2025-9521
Password Confirmation Bypass vulnerability in Omada Controllers, allowing an attacker with a valid session token to bypass secondary verification, and change the user’s password without proper confirmation, leading to weakened account security...
EUVD-2025-206348
Password Confirmation Bypass vulnerability in Omada Controllers, allowing an attacker with a valid session token to bypass secondary verification, and change the user’s password without proper confirmation, leading to weakened account security...
EUVD-2025-206335
An IDOR vulnerability exists in Omada Controllers that allows an attacker with Administrator permissions to manipulate requests and potentially hijack the Owner account...
CVE-2025-9520
An IDOR vulnerability exists in Omada Controllers that allows an attacker with Administrator permissions to manipulate requests and potentially hijack the Owner account...
TP-Link Omada controllers have security vulnerabilities
TP-Link Omada Controllers are a series of centralized management platforms developed by TP-Link Corporation. The TP-Link Omada Controllers have security vulnerabilities, where the password verification process can be bypassed, potentially weakening the security of accounts...
PT-2026-4808
Name of the Vulnerable Software and Affected Versions Omada Controllers affected versions not specified Description An IDOR Insecure Direct Object Reference issue exists in Omada Controllers. An attacker with Administrator permissions can manipulate requests and potentially hijack the Owner...
TP-Link Omada controllers have security vulnerabilities
TP-Link Omada Controllers are a series of centralized management platforms developed by TP-Link Corporation. The TP-Link Omada Controllers have security vulnerabilities, which stem from the webhook function’s vulnerability involving forged server-side requests, potentially leading to information...
PT-2026-4809
Name of the Vulnerable Software and Affected Versions Omada Controllers affected versions not specified Description A security issue exists in Omada Controllers that allows an attacker possessing a valid session token to bypass secondary verification. This bypass enables the attacker to alter a...
CVE-2025-9289
A Cross-Site Scripting XSS vulnerability was identified in a parameter in Omada Controllers due to improper input sanitization. Exploitation requires advanced conditions, such as network positioning or emulating a trusted entity, and user interaction by an authenticated administrator. If...
EUVD-2025-206326
A Cross-Site Scripting XSS vulnerability was identified in a parameter in Omada Controllers due to improper input sanitization. Exploitation requires advanced conditions, such as network positioning or emulating a trusted entity, and user interaction by an authenticated administrator. If...