An authentication weakness was identified in Omada Controllers, Gateways and Access Points, controller-device adoption due to improper handling of random values. Exploitation requires advanced network positioning and allows an attacker to intercept adoption traffic and forge valid authentication through offline precomputation, potentially exposing sensitive information and compromising confidentiality.
CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XTp Link Beam Bridge 5 Ur
HWTp-Link1.0Tp Link Beam Bridge 5 Ur Firmware
OSTp-Link< 1.1.5Tp Link Dr3220v 4g
HWTp-Linkwszystkie wersjeTp Link Dr3220v 4g Firmware
OSTp-Link< 1.1.0Tp Link Dr3650v
HWTp-Linkwszystkie wersjeTp Link Dr3650v 4g
HWTp-Linkwszystkie wersjeTp Link Dr3650v 4g Firmware
OSTp-Link< 1.1.0Tp Link Dr3650v Firmware
OSTp-Link< 1.1.0Tp Link Eap211 Bridge Kit
HWTp-Link3.0Tp Link Eap211 Bridge Kit Firmware
OSTp-Link< 1.1.4Tp Link Eap215 Bridge Kit
HWTp-Link3.0Tp Link Eap215 Bridge Kit Firmware
OSTp-Link< 1.1.4Tp Link Eap603gp Desktop
HWTp-Link1.0Tp Link Eap603gp Desktop Firmware
OSTp-Link< 1.1.0Tp Link Eap610
HWTp-Link1.02.0Tp Link Eap610 Firmware
OSTp-Link< 1.6.1Tp Link Eap610 Outdoor
HWTp-Link1.01.20Tp Link Eap610 Outdoor Firmware
OSTp-Link< 1.6.1Tp Link Eap615gp Wall
HWTp-Link1.0Tp Link Eap615gp Wall Firmware
OSTp-Link< 1.1.0Tp Link Eap620 Hd
HWTp-Link3.03.20Tp Link Eap620 Hd Firmware
OSTp-Link< 1.6.1Tp Link Eap623 Outdoor Hd
HWTp-Link1.0Tp Link Eap623 Outdoor Hd Firmware
OSTp-Link< 1.6.1Tp Link Eap625 Outdoor Hd
HWTp-Link1.0Tp Link Eap625 Outdoor Hd Firmware
OSTp-Link< 1.6.1Tp Link Eap655 Wall
HWTp-Link1.0Tp Link Eap655 Wall Firmware
OSTp-Link< 1.6.2Tp Link Eap660 Hd
HWTp-Link1.02.0Tp Link Eap660 Hd Firmware
OSTp-Link< 1.6.1
Related vulnerabilities
Zdalne wykonanie poleceń OS bez uwierzytelnienia w routerach TP-Link Omada
Command injection w bramkach Omada (TP-Link) po uwierzytelnieniu admina
An IDOR vulnerability exists in Omada Controllers that allows an attacker with Administrator permissions to ma...
An arbitrary OS command may be executed on the product by the user who can log in to the web management interf...
An attacker may obtain the root shell on the underlying OS system with the restricted conditions on Omada gate...