Blind Server-Side Request Forgery (SSRF) in Omada Controllers through webhook functionality, enabling crafted requests to internal services, which may lead to enumeration of information.
oryginał ENCVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XTp Link Omada Controller
OSTp-Link< 6.0
Powiązane podatności
An IDOR vulnerability exists in Omada Controllers that allows an attacker with Administrator permissions to ma...
An authentication weakness was identified in Omada Controllers, Gateways and Access Points, controller-device ...
A Cross-Site Scripting (XSS) vulnerability was identified in a parameter in Omada Controllers due to improper ...
TP-Link Omada Controller Software 3.2.6 allows Directory Traversal for reading arbitrary files via com.tp_link...
Podatność Password Confirmation Bypass w kontrolerach Omada, umożliwiająca atakującemu posiadającemu ważny tok...