In TP-Link Omada ER605 1.0.1 through (v2.6) 2.2.3, a cloud-brd binary is susceptible to an integer overflow that leads to a heap-based buffer overflow. After heap shaping, an attacker can achieve code execution in the context of the cloud-brd binary, which runs with root privileges. This is fixed in ER605(UN)_v2_2.2.4 Build 020240119.
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
History
Thu, 18 Sep 2025 16:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared | Tp-link, Tp-link omada Er605, Tp-link omada Er605 Firmware | |
CPEs | `cpe:2.3:h:tp-link:omada_er605:2.6:*:*:*:*:*:*:*`, `cpe:2.3:o:tp-link:omada_er605_firmware:*:*:*:*:*:*:*:*` | |
Vendors & Products | Tp-link, Tp-link omada Er605, Tp-link omada Er605 Firmware | |

Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-05T13:21:58.870Z
Reserved: 2024-02-06T00:00:00
Link: CVE-2024-25139

Updated: 2024-08-01T23:36:21.785Z

Status: Analyzed
Published: 2024-03-14T16:15:50.077
Modified: 2025-09-18T16:30:09.377
Link: CVE-2024-25139

Updated: 2025-07-12T22:31:22Z