ГлавнаяУязвимости → CVE-2025-7850
7.2высокая

CVE-2025-7850

Описание

A command injection vulnerability may be exploited after the admin's authentication on the web portal on Omada gateways.

Затрагиваемое ПО
Tp-link Er8411 firmwareTp-link Er8411Tp-link Er7412-m2 firmwareTp-link Er7412-m2Tp-link Er707-m2 firmwareTp-link Er707-m2Tp-link Er7206 firmwareTp-link Er7206Tp-link Er605 firmwareTp-link Er605Tp-link Er706w firmwareTp-link Er706wTp-link Er706w-4g firmwareTp-link Er706w-4gTp-link Er7212pc firmwareTp-link Er7212pcTp-link G36 firmwareTp-link G36Tp-link G611 firmwareTp-link G611Tp-link Fr365 firmwareTp-link Fr365Tp-link Fr205 firmwareTp-link Fr205Tp-link Fr307-m2 firmware
CVSS
Балл7.2 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Источники
https://support.omadanetworks.com/en/document/108456/https://www.forescout.com/blog/new-tp-link-router-vulnerabilities-a-primer-on-rooting-routers/https://www.omadanetworks.com/us/business-networking/all-omada-router/https://www.omadanetworks.com/us/business-networking/omada-pro-router-wired-router/https://www.tp-link.com/us/business-networking/soho-festa-gateway/