Lucene search
K
Tp-linkOmada Controller

6 matches found

cve
cve
added 2020/05/04 1:36 p.m.53 views

CVE-2020-12475

The connected sources confirm a concrete vulnerability in TP-Link Omada Controller Software 3.2.6: a directory traversal flaw in com.tp_link.eap.web.portal.PortalController.getAdvertiseFile within /opt/tplink/EAPController/lib/eap-web-3.2.6.jar allows reading arbitrary files. This is a local atta...

5.5CVSS5.6AI score0.0056EPSS
cve
cve
added 2026/01/22 11:14 p.m.36 views

CVE-2025-9290

CVE-2025-9290 describes an authentication weakness in Omada Controllers, Gateways, and Access Points related to improper handling of random values during controller-device adoption. The vulnerability could allow an attacker with adjacent network access to intercept adoption traffic and forge vali...

6CVSS5.5AI score0.00201EPSS
cve
cve
added 2026/01/26 7:35 p.m.23 views

CVE-2025-9522

Technical details about CVE-2025-9522 are not publicly provided in the supplied documents; no affected versions or remediation are disclosed. Monitor for updates.

5.3CVSS5.9AI score0.00243EPSS
cve
cve
added 2026/01/22 9:48 p.m.16 views

CVE-2025-9289

CVE-2025-9289 is a Cross-Site Scripting (XSS) vulnerability in Omada Controllers caused by improper input sanitization in a parameter. Exploitation requires specific conditions (network positioning or impersonating a trusted entity) and interaction from an authenticated administrator, potentially...

5.7CVSS5.8AI score0.00173EPSS
cve
cve
added 2026/01/26 7:34 p.m.14 views

CVE-2025-9520

Technical details (affected products, specific component, root cause, versions, or exploits) are not publicly provided in the connected documents. Monitor for updates from vendors and security advisories.

8.3CVSS5.9AI score0.00394EPSS
cve
cve
added 2026/01/26 7:35 p.m.11 views

CVE-2025-9521

CVE-2025-9521 concerns a Password Confirmation Bypass in Omada Controllers. The trusted-source documents indicate that an attacker with a valid session token can bypass secondary verification and change a user’s password without proper confirmation, weakening account security. Affected product is...

6.5CVSS5.9AI score0.00282EPSS