Er605 CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-7851	1 Tp-link	27 Er605, Er605 Firmware, Er706w and 24 more	2025-10-24	9.8 Critical
An attacker may obtain the root shell on the underlying OS system with the restricted conditions on Omada gateways.
CVE-2025-7850	1 Tp-link	27 Er605, Er605 Firmware, Er706w and 24 more	2025-10-24	7.2 High
A command injection vulnerability may be exploited after the admin's authentication on the web portal on Omada gateways.
CVE-2025-6542	1 Tp-link	28 Er605, Er605 Firmware, Er706w and 25 more	2025-10-24	9.8 Critical
An arbitrary OS command may be executed on the product by a remote unauthenticated attacker.
CVE-2025-6541	1 Tp-link	28 Er605, Er605 Firmware, Er706w and 25 more	2025-10-24	8.8 High
An arbitrary OS command may be executed on the product by the user who can log in to the web management interface.

Page 1 of 1.