CVE-2025-9290 - Vulnerability Details

An authentication weakness was identified in Omada Controllers, Gateways and Access Points, controller-device adoption due to improper handling of random values. Exploitation requires advanced network positioning and allows an attacker to intercept adoption traffic and forge valid authentication through offline precomputation, potentially exposing sensitive information and compromising confidentiality.

Attack Vector Adjacent Network

Attack Complexity High

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact None

Vulnerable System Availability Impact None

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00026.

Exploitation none

Automatable no

Technical Impact partial

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

TP-Link Systems Inc.

Omada Software Controller

unaffected

Version	Status	Constraints
`0`	affected	< 6.0.0.24

TP-Link Systems Inc.

Omada Cloud Controller

unaffected

Version	Status	Constraints
`0`	affected	< 6.0.0.100

TP-Link Systems Inc.

Omada Hardware Controller (OC200, OC300, OC400)

unaffected

Version	Status	Constraints
`0`	affected	< 6.0.0.34

TP-Link Systems Inc.

Omada Hardware Controller OC220

unaffected

Version	Status	Constraints
`0`	affected	< 5.15.24

TP-Link Systems Inc.

Omada Gateway (ER605 v2.0)

unaffected

Version	Status	Constraints
`0`	affected	< 2.3.2 Build 20251029 Rel.12727

TP-Link Systems Inc.

Omada Gateway (ER7206 v2.0)

unaffected

Version	Status	Constraints
`0`	affected	< 2.2.2 Build 20250724 Rel.11109

TP-Link Systems Inc.

Omada Gateway (ER7406, ER706W, ER706-4G)

unaffected

Version	Status	Constraints
`0`	affected	< 1.2.x

TP-Link Systems Inc.

Omada Gateway (ER707-M2, ER-8411)

unaffected

Version	Status	Constraints
`0`	affected	< 1.3.x

TP-Link Systems Inc.

Omada Gateway (ER7412-M2, ER706WP-4G, ER703WP-4G-Outdoor, DR3220v-4G, DR3650v, DR3650v-4G)

unaffected

Version	Status	Constraints
`0`	affected	< 1.1.0

TP-Link Systems Inc.

Omada Gateway (ER8411)

unaffected

Version	Status	Constraints
`0`	affected	< 1.3.5 Build 20251028 Rel.06811

TP-Link Systems Inc.

Omada Gateway (ER706W-4G 2.0)

unaffected

Version	Status	Constraints
`0`	affected	< 2.1.0 Build 20250810 Rel.77020

TP-Link Systems Inc.

Omada Gateway (ER701-5G-Outdoor)

unaffected

Version	Status	Constraints
`0`	affected	< 1.0.0 Build 20250826 Rel.68862

TP-Link Systems Inc.

Omada Gateway (ER605W 2.0)

unaffected

Version	Status	Constraints
`0`	affected	< 2.0.2 Build 20250723 Rel.39048

TP-Link Systems Inc.

Omada Gateway ER7212PC 2.0

unaffected

Version	Status	Constraints
`0`	affected	< 2.2.1 Build 20251027 Rel.75129

TP-Link Systems Inc.

Omada Festa Gateway FR365

unaffected

Version	Status	Constraints
`0`	affected	< 1.1.10 Build 20250626 Rel.81746

TP-Link Systems Inc.

Omada Gateway G36W-4G

unaffected

Version	Status	Constraints
`0`	affected	< 1.1.5 Build 20250710 Rel.62142

TP-Link Systems Inc.

Omada Access Point (EAP660 HD v1.0/v2.0, EAP620 HD v2.0/v3.0/v3.20, EAP610/EAP610-Outdoor v1.0/v2.0, EAP623-Outdoor HD v1.0, EAP625-Outdoor HD v1.0)EAP

unaffected

Version	Status	Constraints
`0`	affected	< 1.6.1

TP-Link Systems Inc.

Omada Access Point (EAP655-Wall v1.0)

unaffected

Version	Status	Constraints
`0`	affected	< 1.6.2 Build 20251107 Rel.35700

TP-Link Systems Inc.

Omada Access Point (EAP772 v1.0, EAP773 v1.0, EAP783 v1.0, EAP787 v1.0, EAP720 v1.0, EAP725-Wall v1.0, EAp723 v2.0)

unaffected

Version	Status	Constraints
`0`	affected	< 1.1.2

TP-Link Systems Inc.

Omada Access Point (EAP723 v1.0, EAP772 v2.0, EAP772-Outdoor v 1.0, EAP770 v2.0)

unaffected

Version	Status	Constraints
`0`	affected	< 1.3.2 Build 20250901 Rel.52255

TP-Link Systems Inc.

Omada Access Point (EAP215 Bridge KIT 3.0, EAP211 Bridge KIT 3.0)

unaffected

Version	Status	Constraints
`0`	affected	< 1.1.4 Build 20251112 Rel.34769

TP-Link Systems Inc.

Omada Beam Bridge 5 UR v1.0

unaffected

Version	Status	Constraints
`0`	affected	< 1.1.5 Build 20250928 Rel.68499

TP-Link Systems Inc.

Omada Access Point (EAP603GP-Desktop, EAP615GP-Wall 1.0/1.20, EAP625GP-Wall 1.0/1.20, EAP610GP-Desktop 1.0/1.20/1.26), EAP650-Desktop v1.0)

unaffected

Version	Status	Constraints
`0`	affected	< 1.1.0

TP-Link Systems Inc.

Omada Access Point (EAP650GP-Desktop 1.0)

unaffected

Version	Status	Constraints
`0`	affected	< 1.0.1 Build 20250819 Rel.60298

TP-Link Systems Inc.

Omada Access Point (EAP653 v1.0, EAP650-Outdoor v1.0)

unaffected

Version	Status	Constraints
`0`	affected	< 1.3.3 Build 20251111 Rel.72627

TP-Link Systems Inc.

Omada Access Point (EAP230-Wall v1.0, EAP235-Wall v1.0)

unaffected

Version	Status	Constraints
`0`	affected	< 3.3.1 Build 20251203 Rel.58135

TP-Link Systems Inc.

Omada Access Point (EAP603-Outdoor v1.0, EAP615-Wall v1.0/v1.20)

unaffected

Version	Status	Constraints
`0`	affected	< 1.5.1

TP-Link Systems Inc.

Omada Access Point (EAP653 UR v1.0)

unaffected

Version	Status	Constraints
`0`	affected	< 1.4.2 Build 20251208 Rel.43830

TP-Link Systems Inc.

Omada Access Point (EAP615-Wall v1.0/v1.20)

unaffected

Version	Status	Constraints
`0`	affected	< 1.5.10 Build 20250903 Rel.49784

TP-Link Systems Inc.

Omada EAP100-Bridge KIT v1.0

unaffected

Version	Status	Constraints
`0`	affected	< 1.0.3 Build 20251015 Rel.62058

Configuration 1 [-]

OR	cpe:2.3:a:tp-link:omada_controller:::::-:::*
	cpe:2.3:a:tp-link:omada_controller:::::cloud:::*

Configuration 2 [-]

AND

cpe:2.3:o:tp-link:oc200_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:oc200:1:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:tp-link:oc220_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:oc220:1:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:tp-link:oc300_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:oc300:1.6:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:tp-link:oc400_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:oc400:1.6:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:tp-link:oc200_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:oc200:2:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:tp-link:oc220_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:oc220:2:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:tp-link:er605_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:er605:2.0:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:tp-link:er7206_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:er7206:2.0:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:tp-link:er7406_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:er7406:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:tp-link:er707-m2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:er707-m2:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:tp-link:er7412-m2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:er7412-m2:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:tp-link:er8411_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:er8411:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:tp-link:er706w_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:er706w:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

cpe:2.3:o:tp-link:er706w-4g_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:er706w-4g:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND

cpe:2.3:o:tp-link:er706wp-4g_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:er706wp-4g:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND

cpe:2.3:o:tp-link:er703wp-4g-outdoor_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:er703wp-4g-outdoor:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND

cpe:2.3:o:tp-link:dr3220v-4g_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:dr3220v-4g:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND

cpe:2.3:o:tp-link:dr3650v-4g_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:dr3650v-4g:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND

cpe:2.3:o:tp-link:dr3650v_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:dr3650v:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND

cpe:2.3:o:tp-link:er701-5g-outdoor_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:er701-5g-outdoor:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND

cpe:2.3:o:tp-link:er605w_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:er605w:2.0:*:*:*:*:*:*:*

Configuration 23 [-]

AND

cpe:2.3:o:tp-link:er7212pc_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:er7212pc:2.0:*:*:*:*:*:*:*

Configuration 24 [-]

AND

cpe:2.3:o:tp-link:fr365_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:fr365:-:*:*:*:*:*:*:*

Configuration 25 [-]

AND

cpe:2.3:o:tp-link:g36w-4g_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:g36w-4g:-:*:*:*:*:*:*:*

Configuration 26 [-]

AND

cpe:2.3:o:tp-link:eap655-wall_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:eap655-wall:1.0:*:*:*:*:*:*:*

Configuration 27 [-]

AND

cpe:2.3:o:tp-link:eap660_hd_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:tp-link:eap660_hd:1.0:::::::*
	cpe:2.3:h:tp-link:eap660_hd:2.0:::::::*

Configuration 28 [-]

AND

cpe:2.3:o:tp-link:eap620_hd_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:tp-link:eap620_hd:3.0:::::::*
	cpe:2.3:h:tp-link:eap620_hd:3.20:::::::*

Configuration 29 [-]

AND

cpe:2.3:o:tp-link:eap610-outdoor_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:tp-link:eap610-outdoor:1.0:::::::*
	cpe:2.3:h:tp-link:eap610-outdoor:1.20:::::::*

Configuration 30 [-]

AND

cpe:2.3:o:tp-link:eap610_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:tp-link:eap610:1.0:::::::*
	cpe:2.3:h:tp-link:eap610:2.0:::::::*

Configuration 31 [-]

AND

cpe:2.3:o:tp-link:eap623-outdoor_hd_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:eap623-outdoor_hd:1.0:*:*:*:*:*:*:*

Configuration 32 [-]

AND

cpe:2.3:o:tp-link:eap625-outdoor_hd_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:eap625-outdoor_hd:1.0:*:*:*:*:*:*:*

Configuration 33 [-]

AND

cpe:2.3:o:tp-link:eap772_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:eap772:2.0:*:*:*:*:*:*:*

Configuration 34 [-]

AND

cpe:2.3:o:tp-link:eap772-outdoor_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:eap772-outdoor:1.0:*:*:*:*:*:*:*

Configuration 35 [-]

AND

cpe:2.3:o:tp-link:eap770_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:eap770:2.0:*:*:*:*:*:*:*

Configuration 36 [-]

AND

cpe:2.3:o:tp-link:eap723_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:eap723:1.0:*:*:*:*:*:*:*

Configuration 37 [-]

AND

cpe:2.3:o:tp-link:eap773_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:eap773:1.0:*:*:*:*:*:*:*

Configuration 38 [-]

AND

cpe:2.3:o:tp-link:eap783_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:eap783:1.0:*:*:*:*:*:*:*

Configuration 39 [-]

AND

cpe:2.3:o:tp-link:eap772_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:eap772:1.0:*:*:*:*:*:*:*

Configuration 40 [-]

AND

cpe:2.3:o:tp-link:eap787_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:eap787:1.0:*:*:*:*:*:*:*

Configuration 41 [-]

AND

cpe:2.3:o:tp-link:eap720_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:eap720:1.0:*:*:*:*:*:*:*

Configuration 42 [-]

AND

cpe:2.3:o:tp-link:eap723_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:eap723:2.0:*:*:*:*:*:*:*

Configuration 43 [-]

AND

cpe:2.3:o:tp-link:eap725-wall_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:eap725-wall:1.0:*:*:*:*:*:*:*

Configuration 44 [-]

AND

cpe:2.3:o:tp-link:eap215_bridge_kit_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:eap215_bridge_kit:3.0:*:*:*:*:*:*:*

Configuration 45 [-]

AND

cpe:2.3:o:tp-link:eap211_bridge_kit_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:eap211_bridge_kit:3.0:*:*:*:*:*:*:*

Configuration 46 [-]

AND

cpe:2.3:o:tp-link:beam_bridge_5_ur_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:beam_bridge_5_ur:1.0:*:*:*:*:*:*:*

Configuration 47 [-]

AND

cpe:2.3:o:tp-link:eap603gp-desktop_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:eap603gp-desktop:1.0:*:*:*:*:*:*:*

Configuration 48 [-]

AND

cpe:2.3:o:tp-link:eap615gp-wall_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:tp-link:eap615gp-wall:1.0:::::::*
	cpe:2.3:h:tp-link:eap615gp-wall:1.20:::::::*

Configuration 49 [-]

AND

cpe:2.3:o:tp-link:eap625gp-wall_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:tp-link:eap625gp-wall:1.0:::::::*
	cpe:2.3:h:tp-link:eap625gp-wall:1.20:::::::*

Configuration 50 [-]

AND

cpe:2.3:o:tp-link:eap610gp-desktop_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:tp-link:eap610gp-desktop:1.0:::::::*
	cpe:2.3:h:tp-link:eap610gp-desktop:1.20:::::::*
	cpe:2.3:h:tp-link:eap610gp-desktop:1.26:::::::*

Configuration 51 [-]

AND

cpe:2.3:o:tp-link:eap650gp-desktop_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:eap650gp-desktop:1.0:*:*:*:*:*:*:*

Configuration 52 [-]

AND

cpe:2.3:o:tp-link:eap653_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:eap653:1.0:*:*:*:*:*:*:*

Configuration 53 [-]

AND

cpe:2.3:o:tp-link:eap650-outdoor_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:eap650-outdoor:1.0:*:*:*:*:*:*:*

Configuration 54 [-]

AND

cpe:2.3:o:tp-link:eap230-wall_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:eap230-wall:1.0:*:*:*:*:*:*:*

Configuration 55 [-]

AND

cpe:2.3:o:tp-link:eap235-wall_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:eap235-wall:1.0:*:*:*:*:*:*:*

Configuration 56 [-]

AND

cpe:2.3:o:tp-link:eap603-outdoor_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:eap603-outdoor:1.0:*:*:*:*:*:*:*

Configuration 57 [-]

AND

cpe:2.3:o:tp-link:eap653_ur_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:eap653_ur:1.0:*:*:*:*:*:*:*

Configuration 58 [-]

AND

cpe:2.3:o:tp-link:eap650-desktop_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:eap650-desktop:1.0:*:*:*:*:*:*:*

Configuration 59 [-]

AND

cpe:2.3:o:tp-link:eap615-wall_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:eap615-wall:1.0:*:*:*:*:*:*:*

Configuration 60 [-]

AND

cpe:2.3:o:tp-link:eap100-bridge_kit_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:eap100-bridge_kit:1.0:*:*:*:*:*:*:*

Configuration 61 [-]

AND

cpe:2.3:o:tp-link:er706w-4g_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:er706w-4g:2.0:*:*:*:*:*:*:*

Configuration 62 [-]

AND

cpe:2.3:a:tp-link:omada_controller:*:*:*:*:-:*:*:*

OR	cpe:2.3:h:tp-link:oc200:1:::::::*
	cpe:2.3:h:tp-link:oc200:2:::::::*
	cpe:2.3:h:tp-link:oc300:1.6:::::::*
	cpe:2.3:h:tp-link:oc400:1.6:::::::*

Configuration 63 [-]

AND

cpe:2.3:a:tp-link:omada_controller:*:*:*:*:-:*:*:*

OR	cpe:2.3:h:tp-link:oc220:1:::::::*
	cpe:2.3:h:tp-link:oc220:2:::::::*

No data.

Vendor	Product	Confidence	Versions
Tp-link	Omada Access Point	—	—
Tp-link	Omada Controller	—	—
Tp-link	Omada Gateway	—	—
Tp-link	Omada Software Controller	—	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Subscriptions

Vendors	Products
Tp-link Subscribe	Beam Bridge 5 Ur Subscribe Beam Bridge 5 Ur Firmware Subscribe Dr3220v-4g Subscribe Dr3220v-4g Firmware Subscribe Dr3650v Subscribe Dr3650v-4g Subscribe Dr3650v-4g Firmware Subscribe Dr3650v Firmware Subscribe Eap100-bridge Kit Subscribe Eap100-bridge Kit Firmware Subscribe Eap211 Bridge Kit Subscribe Eap211 Bridge Kit Firmware Subscribe Eap215 Bridge Kit Subscribe Eap215 Bridge Kit Firmware Subscribe Eap230-wall Subscribe Eap230-wall Firmware Subscribe Eap235-wall Subscribe Eap235-wall Firmware Subscribe Eap603-outdoor Subscribe Eap603-outdoor Firmware Subscribe Eap603gp-desktop Subscribe Eap603gp-desktop Firmware Subscribe Eap610 Subscribe Eap610-outdoor Subscribe Eap610-outdoor Firmware Subscribe Eap610 Firmware Subscribe Eap610gp-desktop Subscribe Eap610gp-desktop Firmware Subscribe Eap615-wall Subscribe Eap615-wall Firmware Subscribe Eap615gp-wall Subscribe Eap615gp-wall Firmware Subscribe Eap620 Hd Subscribe Eap620 Hd Firmware Subscribe Eap623-outdoor Hd Subscribe Eap623-outdoor Hd Firmware Subscribe Eap625-outdoor Hd Subscribe Eap625-outdoor Hd Firmware Subscribe Eap625gp-wall Subscribe Eap625gp-wall Firmware Subscribe Eap650-desktop Subscribe Eap650-desktop Firmware Subscribe Eap650-outdoor Subscribe Eap650-outdoor Firmware Subscribe Eap650gp-desktop Subscribe Eap650gp-desktop Firmware Subscribe Eap653 Subscribe Eap653 Firmware Subscribe Eap653 Ur Subscribe Eap653 Ur Firmware Subscribe Eap655-wall Subscribe Eap655-wall Firmware Subscribe Eap660 Hd Subscribe Eap660 Hd Firmware Subscribe Eap720 Subscribe Eap720 Firmware Subscribe Eap723 Subscribe Eap723 Firmware Subscribe Eap725-wall Subscribe Eap725-wall Firmware Subscribe Eap770 Subscribe Eap770 Firmware Subscribe Eap772 Subscribe Eap772-outdoor Subscribe Eap772-outdoor Firmware Subscribe Eap772 Firmware Subscribe Eap773 Subscribe Eap773 Firmware Subscribe Eap783 Subscribe Eap783 Firmware Subscribe Eap787 Subscribe Eap787 Firmware Subscribe Er605 Subscribe Er605 Firmware Subscribe Er605w Subscribe Er605w Firmware Subscribe Er701-5g-outdoor Subscribe Er701-5g-outdoor Firmware Subscribe Er703wp-4g-outdoor Subscribe Er703wp-4g-outdoor Firmware Subscribe Er706w Subscribe Er706w-4g Subscribe Er706w-4g Firmware Subscribe Er706w Firmware Subscribe Er706wp-4g Subscribe Er706wp-4g Firmware Subscribe Er707-m2 Subscribe Er707-m2 Firmware Subscribe Er7206 Subscribe Er7206 Firmware Subscribe Er7212pc Subscribe Er7212pc Firmware Subscribe Er7406 Subscribe Er7406 Firmware Subscribe Er7412-m2 Subscribe Er7412-m2 Firmware Subscribe Er8411 Subscribe Er8411 Firmware Subscribe Fr365 Subscribe Fr365 Firmware Subscribe G36w-4g Subscribe G36w-4g Firmware Subscribe Oc200 Subscribe Oc200 Firmware Subscribe Oc220 Subscribe Oc220 Firmware Subscribe Oc300 Subscribe Oc300 Firmware Subscribe Oc400 Subscribe Oc400 Firmware Subscribe Omada Access Point Subscribe Omada Controller Subscribe Omada Gateway Subscribe Omada Software Controller Subscribe

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://support.omadanetworks.com/en/download/
https://support.omadanetworks.com/us/document/114950/
https://support.omadanetworks.com/us/download/

History

Mon, 16 Mar 2026 18:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Tp-link beam Bridge 5 Ur Tp-link beam Bridge 5 Ur Firmware Tp-link dr3220v-4g Tp-link dr3220v-4g Firmware Tp-link dr3650v Tp-link dr3650v-4g Tp-link dr3650v-4g Firmware Tp-link dr3650v Firmware Tp-link eap100-bridge Kit Tp-link eap100-bridge Kit Firmware Tp-link eap211 Bridge Kit Tp-link eap211 Bridge Kit Firmware Tp-link eap215 Bridge Kit Tp-link eap215 Bridge Kit Firmware Tp-link eap230-wall Tp-link eap230-wall Firmware Tp-link eap235-wall Tp-link eap235-wall Firmware Tp-link eap603-outdoor Tp-link eap603-outdoor Firmware Tp-link eap603gp-desktop Tp-link eap603gp-desktop Firmware Tp-link eap610 Tp-link eap610-outdoor Tp-link eap610-outdoor Firmware Tp-link eap610 Firmware Tp-link eap610gp-desktop Tp-link eap610gp-desktop Firmware Tp-link eap615-wall Tp-link eap615-wall Firmware Tp-link eap615gp-wall Tp-link eap615gp-wall Firmware Tp-link eap620 Hd Tp-link eap620 Hd Firmware Tp-link eap623-outdoor Hd Tp-link eap623-outdoor Hd Firmware Tp-link eap625-outdoor Hd Tp-link eap625-outdoor Hd Firmware Tp-link eap625gp-wall Tp-link eap625gp-wall Firmware Tp-link eap650-desktop Tp-link eap650-desktop Firmware Tp-link eap650-outdoor Tp-link eap650-outdoor Firmware Tp-link eap650gp-desktop Tp-link eap650gp-desktop Firmware Tp-link eap653 Tp-link eap653 Firmware Tp-link eap653 Ur Tp-link eap653 Ur Firmware Tp-link eap655-wall Tp-link eap655-wall Firmware Tp-link eap660 Hd Tp-link eap660 Hd Firmware Tp-link eap720 Tp-link eap720 Firmware Tp-link eap723 Tp-link eap723 Firmware Tp-link eap725-wall Tp-link eap725-wall Firmware Tp-link eap770 Tp-link eap770 Firmware Tp-link eap772 Tp-link eap772-outdoor Tp-link eap772-outdoor Firmware Tp-link eap772 Firmware Tp-link eap773 Tp-link eap773 Firmware Tp-link eap783 Tp-link eap783 Firmware Tp-link eap787 Tp-link eap787 Firmware Tp-link er605 Tp-link er605 Firmware Tp-link er605w Tp-link er605w Firmware Tp-link er701-5g-outdoor Tp-link er701-5g-outdoor Firmware Tp-link er703wp-4g-outdoor Tp-link er703wp-4g-outdoor Firmware Tp-link er706w Tp-link er706w-4g Tp-link er706w-4g Firmware Tp-link er706w Firmware Tp-link er706wp-4g Tp-link er706wp-4g Firmware Tp-link er707-m2 Tp-link er707-m2 Firmware Tp-link er7206 Tp-link er7206 Firmware Tp-link er7212pc Tp-link er7212pc Firmware Tp-link er7406 Tp-link er7406 Firmware Tp-link er7412-m2 Tp-link er7412-m2 Firmware Tp-link er8411 Tp-link er8411 Firmware Tp-link fr365 Tp-link fr365 Firmware Tp-link g36w-4g Tp-link g36w-4g Firmware Tp-link oc200 Tp-link oc200 Firmware Tp-link oc220 Tp-link oc220 Firmware Tp-link oc300 Tp-link oc300 Firmware Tp-link oc400 Tp-link oc400 Firmware
Weaknesses		NVD-CWE-noinfo
CPEs		cpe:2.3:a:tp-link:omada_controller:::::-:::* cpe:2.3:a:tp-link:omada_controller:::::cloud:::* cpe:2.3:h:tp-link:beam_bridge_5_ur:1.0:::::::* cpe:2.3:h:tp-link:dr3220v-4g:-:::::::* cpe:2.3:h:tp-link:dr3650v-4g:-:::::::* cpe:2.3:h:tp-link:dr3650v:-:::::::* cpe:2.3:h:tp-link:eap100-bridge_kit:1.0:::::::* cpe:2.3:h:tp-link:eap211_bridge_kit:3.0:::::::* cpe:2.3:h:tp-link:eap215_bridge_kit:3.0:::::::* cpe:2.3:h:tp-link:eap230-wall:1.0:::::::* cpe:2.3:h:tp-link:eap235-wall:1.0:::::::* cpe:2.3:h:tp-link:eap603-outdoor:1.0:::::::* cpe:2.3:h:tp-link:eap603gp-desktop:1.0:::::::* cpe:2.3:h:tp-link:eap610-outdoor:1.0:::::::* cpe:2.3:h:tp-link:eap610-outdoor:1.20:::::::* cpe:2.3:h:tp-link:eap610:1.0:::::::* cpe:2.3:h:tp-link:eap610:2.0:::::::* cpe:2.3:h:tp-link:eap610gp-desktop:1.0:::::::* cpe:2.3:h:tp-link:eap610gp-desktop:1.20:::::::* cpe:2.3:h:tp-link:eap610gp-desktop:1.26:::::::* cpe:2.3:h:tp-link:eap615-wall:1.0:::::::* cpe:2.3:h:tp-link:eap615gp-wall:1.0:::::::* cpe:2.3:h:tp-link:eap615gp-wall:1.20:::::::* cpe:2.3:h:tp-link:eap620_hd:3.0:::::::* cpe:2.3:h:tp-link:eap620_hd:3.20:::::::* cpe:2.3:h:tp-link:eap623-outdoor_hd:1.0:::::::* cpe:2.3:h:tp-link:eap625-outdoor_hd:1.0:::::::* cpe:2.3:h:tp-link:eap625gp-wall:1.0:::::::* cpe:2.3:h:tp-link:eap625gp-wall:1.20:::::::* cpe:2.3:h:tp-link:eap650-desktop:1.0:::::::* cpe:2.3:h:tp-link:eap650-outdoor:1.0:::::::* cpe:2.3:h:tp-link:eap650gp-desktop:1.0:::::::* cpe:2.3:h:tp-link:eap653:1.0:::::::* cpe:2.3:h:tp-link:eap653_ur:1.0:::::::* cpe:2.3:h:tp-link:eap655-wall:1.0:::::::* cpe:2.3:h:tp-link:eap660_hd:1.0:::::::* cpe:2.3:h:tp-link:eap660_hd:2.0:::::::* cpe:2.3:h:tp-link:eap720:1.0:::::::* cpe:2.3:h:tp-link:eap723:1.0:::::::* cpe:2.3:h:tp-link:eap723:2.0:::::::* cpe:2.3:h:tp-link:eap725-wall:1.0:::::::* cpe:2.3:h:tp-link:eap770:2.0:::::::* cpe:2.3:h:tp-link:eap772-outdoor:1.0:::::::* cpe:2.3:h:tp-link:eap772:1.0:::::::* cpe:2.3:h:tp-link:eap772:2.0:::::::* cpe:2.3:h:tp-link:eap773:1.0:::::::* cpe:2.3:h:tp-link:eap783:1.0:::::::* cpe:2.3:h:tp-link:eap787:1.0:::::::* cpe:2.3:h:tp-link:er605:2.0:::::::* cpe:2.3:h:tp-link:er605w:2.0:::::::* cpe:2.3:h:tp-link:er701-5g-outdoor:-:::::::* cpe:2.3:h:tp-link:er703wp-4g-outdoor:-:::::::* cpe:2.3:h:tp-link:er706w-4g:-:::::::* cpe:2.3:h:tp-link:er706w-4g:2.0:::::::* cpe:2.3:h:tp-link:er706w:-:::::::* cpe:2.3:h:tp-link:er706wp-4g:-:::::::* cpe:2.3:h:tp-link:er707-m2:-:::::::* cpe:2.3:h:tp-link:er7206:2.0:::::::* cpe:2.3:h:tp-link:er7212pc:2.0:::::::* cpe:2.3:h:tp-link:er7406:-:::::::* cpe:2.3:h:tp-link:er7412-m2:-:::::::* cpe:2.3:h:tp-link:er8411:-:::::::* cpe:2.3:h:tp-link:fr365:-:::::::* cpe:2.3:h:tp-link:g36w-4g:-:::::::* cpe:2.3:h:tp-link:oc200:1:::::::* cpe:2.3:h:tp-link:oc200:2:::::::* cpe:2.3:h:tp-link:oc220:1:::::::* cpe:2.3:h:tp-link:oc220:2:::::::* cpe:2.3:h:tp-link:oc300:1.6:::::::* cpe:2.3:h:tp-link:oc400:1.6:::::::* cpe:2.3:o:tp-link:beam_bridge_5_ur_firmware:::::::: cpe:2.3:o:tp-link:dr3220v-4g_firmware:::::::: cpe:2.3:o:tp-link:dr3650v-4g_firmware:::::::: cpe:2.3:o:tp-link:dr3650v_firmware:::::::: cpe:2.3:o:tp-link:eap100-bridge_kit_firmware:::::::: cpe:2.3:o:tp-link:eap211_bridge_kit_firmware:::::::: cpe:2.3:o:tp-link:eap215_bridge_kit_firmware:::::::: cpe:2.3:o:tp-link:eap230-wall_firmware:::::::: cpe:2.3:o:tp-link:eap235-wall_firmware:::::::: cpe:2.3:o:tp-link:eap603-outdoor_firmware:::::::: cpe:2.3:o:tp-link:eap603gp-desktop_firmware:::::::: cpe:2.3:o:tp-link:eap610-outdoor_firmware:::::::: cpe:2.3:o:tp-link:eap610_firmware:::::::: cpe:2.3:o:tp-link:eap610gp-desktop_firmware:::::::: cpe:2.3:o:tp-link:eap615-wall_firmware:::::::: cpe:2.3:o:tp-link:eap615gp-wall_firmware:::::::: cpe:2.3:o:tp-link:eap620_hd_firmware:::::::: cpe:2.3:o:tp-link:eap623-outdoor_hd_firmware:::::::: cpe:2.3:o:tp-link:eap625-outdoor_hd_firmware:::::::: cpe:2.3:o:tp-link:eap625gp-wall_firmware:::::::: cpe:2.3:o:tp-link:eap650-desktop_firmware:::::::: cpe:2.3:o:tp-link:eap650-outdoor_firmware:::::::: cpe:2.3:o:tp-link:eap650gp-desktop_firmware:::::::: cpe:2.3:o:tp-link:eap653_firmware:::::::: cpe:2.3:o:tp-link:eap653_ur_firmware:::::::: cpe:2.3:o:tp-link:eap655-wall_firmware:::::::: cpe:2.3:o:tp-link:eap660_hd_firmware:::::::: cpe:2.3:o:tp-link:eap720_firmware:::::::: cpe:2.3:o:tp-link:eap723_firmware:::::::: cpe:2.3:o:tp-link:eap725-wall_firmware:::::::: cpe:2.3:o:tp-link:eap770_firmware:::::::: cpe:2.3:o:tp-link:eap772-outdoor_firmware:::::::: cpe:2.3:o:tp-link:eap772_firmware:::::::: cpe:2.3:o:tp-link:eap773_firmware:::::::: cpe:2.3:o:tp-link:eap783_firmware:::::::: cpe:2.3:o:tp-link:eap787_firmware:::::::: cpe:2.3:o:tp-link:er605_firmware:::::::: cpe:2.3:o:tp-link:er605w_firmware:::::::: cpe:2.3:o:tp-link:er701-5g-outdoor_firmware:::::::: cpe:2.3:o:tp-link:er703wp-4g-outdoor_firmware:::::::: cpe:2.3:o:tp-link:er706w-4g_firmware:::::::: cpe:2.3:o:tp-link:er706w_firmware:::::::: cpe:2.3:o:tp-link:er706wp-4g_firmware:::::::: cpe:2.3:o:tp-link:er707-m2_firmware:::::::: cpe:2.3:o:tp-link:er7206_firmware:::::::: cpe:2.3:o:tp-link:er7212pc_firmware:::::::: cpe:2.3:o:tp-link:er7406_firmware:::::::: cpe:2.3:o:tp-link:er7412-m2_firmware:::::::: cpe:2.3:o:tp-link:er8411_firmware:::::::: cpe:2.3:o:tp-link:fr365_firmware:::::::: cpe:2.3:o:tp-link:g36w-4g_firmware:::::::: cpe:2.3:o:tp-link:oc200_firmware:::::::: cpe:2.3:o:tp-link:oc220_firmware:::::::: cpe:2.3:o:tp-link:oc220_firmware:-:::::::* cpe:2.3:o:tp-link:oc300_firmware:::::::: cpe:2.3:o:tp-link:oc400_firmware::::::::
Vendors & Products		Tp-link beam Bridge 5 Ur Tp-link beam Bridge 5 Ur Firmware Tp-link dr3220v-4g Tp-link dr3220v-4g Firmware Tp-link dr3650v Tp-link dr3650v-4g Tp-link dr3650v-4g Firmware Tp-link dr3650v Firmware Tp-link eap100-bridge Kit Tp-link eap100-bridge Kit Firmware Tp-link eap211 Bridge Kit Tp-link eap211 Bridge Kit Firmware Tp-link eap215 Bridge Kit Tp-link eap215 Bridge Kit Firmware Tp-link eap230-wall Tp-link eap230-wall Firmware Tp-link eap235-wall Tp-link eap235-wall Firmware Tp-link eap603-outdoor Tp-link eap603-outdoor Firmware Tp-link eap603gp-desktop Tp-link eap603gp-desktop Firmware Tp-link eap610 Tp-link eap610-outdoor Tp-link eap610-outdoor Firmware Tp-link eap610 Firmware Tp-link eap610gp-desktop Tp-link eap610gp-desktop Firmware Tp-link eap615-wall Tp-link eap615-wall Firmware Tp-link eap615gp-wall Tp-link eap615gp-wall Firmware Tp-link eap620 Hd Tp-link eap620 Hd Firmware Tp-link eap623-outdoor Hd Tp-link eap623-outdoor Hd Firmware Tp-link eap625-outdoor Hd Tp-link eap625-outdoor Hd Firmware Tp-link eap625gp-wall Tp-link eap625gp-wall Firmware Tp-link eap650-desktop Tp-link eap650-desktop Firmware Tp-link eap650-outdoor Tp-link eap650-outdoor Firmware Tp-link eap650gp-desktop Tp-link eap650gp-desktop Firmware Tp-link eap653 Tp-link eap653 Firmware Tp-link eap653 Ur Tp-link eap653 Ur Firmware Tp-link eap655-wall Tp-link eap655-wall Firmware Tp-link eap660 Hd Tp-link eap660 Hd Firmware Tp-link eap720 Tp-link eap720 Firmware Tp-link eap723 Tp-link eap723 Firmware Tp-link eap725-wall Tp-link eap725-wall Firmware Tp-link eap770 Tp-link eap770 Firmware Tp-link eap772 Tp-link eap772-outdoor Tp-link eap772-outdoor Firmware Tp-link eap772 Firmware Tp-link eap773 Tp-link eap773 Firmware Tp-link eap783 Tp-link eap783 Firmware Tp-link eap787 Tp-link eap787 Firmware Tp-link er605 Tp-link er605 Firmware Tp-link er605w Tp-link er605w Firmware Tp-link er701-5g-outdoor Tp-link er701-5g-outdoor Firmware Tp-link er703wp-4g-outdoor Tp-link er703wp-4g-outdoor Firmware Tp-link er706w Tp-link er706w-4g Tp-link er706w-4g Firmware Tp-link er706w Firmware Tp-link er706wp-4g Tp-link er706wp-4g Firmware Tp-link er707-m2 Tp-link er707-m2 Firmware Tp-link er7206 Tp-link er7206 Firmware Tp-link er7212pc Tp-link er7212pc Firmware Tp-link er7406 Tp-link er7406 Firmware Tp-link er7412-m2 Tp-link er7412-m2 Firmware Tp-link er8411 Tp-link er8411 Firmware Tp-link fr365 Tp-link fr365 Firmware Tp-link g36w-4g Tp-link g36w-4g Firmware Tp-link oc200 Tp-link oc200 Firmware Tp-link oc220 Tp-link oc220 Firmware Tp-link oc300 Tp-link oc300 Firmware Tp-link oc400 Tp-link oc400 Firmware
Metrics		cvssV3_1 `{'score': 5.9, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N'}`

Fri, 23 Jan 2026 20:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Fri, 23 Jan 2026 16:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Tp-link Tp-link omada Access Point Tp-link omada Controller Tp-link omada Gateway Tp-link omada Software Controller
Vendors & Products		Tp-link Tp-link omada Access Point Tp-link omada Controller Tp-link omada Gateway Tp-link omada Software Controller

Thu, 22 Jan 2026 23:30:00 +0000

Type	Values Removed	Values Added
Description		An authentication weakness was identified in Omada Controllers, Gateways and Access Points, controller-device adoption due to improper handling of random values. Exploitation requires advanced network positioning and allows an attacker to intercept adoption traffic and forge valid authentication through offline precomputation, potentially exposing sensitive information and compromising confidentiality.
Title		Authentication Weakness on Omada Controllers, Gateways and Access Points
Weaknesses		CWE-760
References		https://support.omadanetworks.com/en/download/ https://support.omadanetworks.com/us/document/114950/ https://support.omadanetworks.com/us/download/
Metrics		cvssV4_0 `{'score': 6, 'vector': 'CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N'}`

MITRE

Status: PUBLISHED

Assigner: TPLink

Published: 2026-01-22T23:14:45.823Z

Updated: 2026-01-23T20:04:29.976Z

Reserved: 2025-08-20T22:24:20.340Z

Link: CVE-2025-9290

Vulnrichment

Updated: 2026-01-23T20:04:24.196Z

NVD

Status : Analyzed

Published: 2026-01-23T00:15:52.093

Modified: 2026-03-16T18:07:14.757

Link: CVE-2025-9290

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-01-23T10:27:06Z

Weaknesses

Attack Vector Adjacent Network

Attack Complexity High

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact None

Vulnerable System Availability Impact None

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Subscriptions

Tracking

JSON object

JSON object

JSON object

JSON object

JSON object