CVE-2025-9290 - Vulnerability Details

- Authentication Weakness on Omada Controllers, Gateways and Access Points

Description

An authentication weakness was identified in Omada Controllers, Gateways and Access Points, controller-device adoption due to improper handling of random values. Exploitation requires advanced network positioning and allows an attacker to intercept adoption traffic and forge valid authentication through offline precomputation, potentially exposing sensitive information and compromising confidentiality.

Published: 2026-01-22

Score: 6 Medium

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

No analysis available yet.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

TP-Link Systems Inc.

Omada Software Controller

unaffected

Version	Status	Constraints
`0`	affected	< 6.0.0.24

TP-Link Systems Inc.

Omada Cloud Controller

unaffected

Version	Status	Constraints
`0`	affected	< 6.0.0.100

TP-Link Systems Inc.

Omada Hardware Controller (OC200, OC300, OC400)

unaffected

Version	Status	Constraints
`0`	affected	< 6.0.0.34

TP-Link Systems Inc.

Omada Hardware Controller OC220

unaffected

Version	Status	Constraints
`0`	affected	< 5.15.24

TP-Link Systems Inc.

Omada Gateway (ER605 v2.0)

unaffected

Version	Status	Constraints
`0`	affected	< 2.3.2 Build 20251029 Rel.12727

TP-Link Systems Inc.

Omada Gateway (ER7206 v2.0)

unaffected

Version	Status	Constraints
`0`	affected	< 2.2.2 Build 20250724 Rel.11109

TP-Link Systems Inc.

Omada Gateway (ER7406, ER706W, ER706-4G)

unaffected

Version	Status	Constraints
`0`	affected	< 1.2.x

TP-Link Systems Inc.

Omada Gateway (ER707-M2, ER-8411)

unaffected

Version	Status	Constraints
`0`	affected	< 1.3.x

TP-Link Systems Inc.

Omada Gateway (ER7412-M2, ER706WP-4G, ER703WP-4G-Outdoor, DR3220v-4G, DR3650v, DR3650v-4G)

unaffected

Version	Status	Constraints
`0`	affected	< 1.1.0

TP-Link Systems Inc.

Omada Gateway (ER8411)

unaffected

Version	Status	Constraints
`0`	affected	< 1.3.5 Build 20251028 Rel.06811

TP-Link Systems Inc.

Omada Gateway (ER706W-4G 2.0)

unaffected

Version	Status	Constraints
`0`	affected	< 2.1.0 Build 20250810 Rel.77020

TP-Link Systems Inc.

Omada Gateway (ER701-5G-Outdoor)

unaffected

Version	Status	Constraints
`0`	affected	< 1.0.0 Build 20250826 Rel.68862

TP-Link Systems Inc.

Omada Gateway (ER605W 2.0)

unaffected

Version	Status	Constraints
`0`	affected	< 2.0.2 Build 20250723 Rel.39048

TP-Link Systems Inc.

Omada Gateway ER7212PC 2.0

unaffected

Version	Status	Constraints
`0`	affected	< 2.2.1 Build 20251027 Rel.75129

TP-Link Systems Inc.

Omada Festa Gateway FR365

unaffected

Version	Status	Constraints
`0`	affected	< 1.1.10 Build 20250626 Rel.81746

TP-Link Systems Inc.

Omada Gateway G36W-4G

unaffected

Version	Status	Constraints
`0`	affected	< 1.1.5 Build 20250710 Rel.62142

TP-Link Systems Inc.

Omada Access Point (EAP660 HD v1.0/v2.0, EAP620 HD v2.0/v3.0/v3.20, EAP610/EAP610-Outdoor v1.0/v2.0, EAP623-Outdoor HD v1.0, EAP625-Outdoor HD v1.0)EAP

unaffected

Version	Status	Constraints
`0`	affected	< 1.6.1

TP-Link Systems Inc.

Omada Access Point (EAP655-Wall v1.0)

unaffected

Version	Status	Constraints
`0`	affected	< 1.6.2 Build 20251107 Rel.35700

TP-Link Systems Inc.

Omada Access Point (EAP772 v1.0, EAP773 v1.0, EAP783 v1.0, EAP787 v1.0, EAP720 v1.0, EAP725-Wall v1.0, EAp723 v2.0)

unaffected

Version	Status	Constraints
`0`	affected	< 1.1.2

TP-Link Systems Inc.

Omada Access Point (EAP723 v1.0, EAP772 v2.0, EAP772-Outdoor v 1.0, EAP770 v2.0)

unaffected

Version	Status	Constraints
`0`	affected	< 1.3.2 Build 20250901 Rel.52255

TP-Link Systems Inc.

Omada Access Point (EAP215 Bridge KIT 3.0, EAP211 Bridge KIT 3.0)

unaffected

Version	Status	Constraints
`0`	affected	< 1.1.4 Build 20251112 Rel.34769

TP-Link Systems Inc.

Omada Beam Bridge 5 UR v1.0

unaffected

Version	Status	Constraints
`0`	affected	< 1.1.5 Build 20250928 Rel.68499

TP-Link Systems Inc.

Omada Access Point (EAP603GP-Desktop, EAP615GP-Wall 1.0/1.20, EAP625GP-Wall 1.0/1.20, EAP610GP-Desktop 1.0/1.20/1.26), EAP650-Desktop v1.0)

unaffected

Version	Status	Constraints
`0`	affected	< 1.1.0

TP-Link Systems Inc.

Omada Access Point (EAP650GP-Desktop 1.0)

unaffected

Version	Status	Constraints
`0`	affected	< 1.0.1 Build 20250819 Rel.60298

TP-Link Systems Inc.

Omada Access Point (EAP653 v1.0, EAP650-Outdoor v1.0)

unaffected

Version	Status	Constraints
`0`	affected	< 1.3.3 Build 20251111 Rel.72627

TP-Link Systems Inc.

Omada Access Point (EAP230-Wall v1.0, EAP235-Wall v1.0)

unaffected

Version	Status	Constraints
`0`	affected	< 3.3.1 Build 20251203 Rel.58135

TP-Link Systems Inc.

Omada Access Point (EAP603-Outdoor v1.0, EAP615-Wall v1.0/v1.20)

unaffected

Version	Status	Constraints
`0`	affected	< 1.5.1

TP-Link Systems Inc.

Omada Access Point (EAP653 UR v1.0)

unaffected

Version	Status	Constraints
`0`	affected	< 1.4.2 Build 20251208 Rel.43830

TP-Link Systems Inc.

Omada Access Point (EAP615-Wall v1.0/v1.20)

unaffected

Version	Status	Constraints
`0`	affected	< 1.5.10 Build 20250903 Rel.49784

TP-Link Systems Inc.

Omada EAP100-Bridge KIT v1.0

unaffected

Version	Status	Constraints
`0`	affected	< 1.0.3 Build 20251015 Rel.62058

Configuration 1 [-]

OR	cpe:2.3:a:tp-link:omada_controller:::::-:::*
	cpe:2.3:a:tp-link:omada_controller:::::cloud:::*

Configuration 2 [-]

AND

cpe:2.3:o:tp-link:oc200_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:oc200:1:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:tp-link:oc220_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:oc220:1:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:tp-link:oc300_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:oc300:1.6:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:tp-link:oc400_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:oc400:1.6:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:tp-link:oc200_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:oc200:2:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:tp-link:oc220_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:oc220:2:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:tp-link:er605_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:er605:2.0:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:tp-link:er7206_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:er7206:2.0:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:tp-link:er7406_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:er7406:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:tp-link:er707-m2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:er707-m2:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:tp-link:er7412-m2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:er7412-m2:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:tp-link:er8411_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:er8411:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:tp-link:er706w_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:er706w:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

cpe:2.3:o:tp-link:er706w-4g_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:er706w-4g:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND

cpe:2.3:o:tp-link:er706wp-4g_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:er706wp-4g:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND

cpe:2.3:o:tp-link:er703wp-4g-outdoor_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:er703wp-4g-outdoor:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND

cpe:2.3:o:tp-link:dr3220v-4g_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:dr3220v-4g:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND

cpe:2.3:o:tp-link:dr3650v-4g_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:dr3650v-4g:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND

cpe:2.3:o:tp-link:dr3650v_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:dr3650v:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND

cpe:2.3:o:tp-link:er701-5g-outdoor_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:er701-5g-outdoor:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND

cpe:2.3:o:tp-link:er605w_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:er605w:2.0:*:*:*:*:*:*:*

Configuration 23 [-]

AND

cpe:2.3:o:tp-link:er7212pc_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:er7212pc:2.0:*:*:*:*:*:*:*

Configuration 24 [-]

AND

cpe:2.3:o:tp-link:fr365_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:fr365:-:*:*:*:*:*:*:*

Configuration 25 [-]

AND

cpe:2.3:o:tp-link:g36w-4g_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:g36w-4g:-:*:*:*:*:*:*:*

Configuration 26 [-]

AND

cpe:2.3:o:tp-link:eap655-wall_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:eap655-wall:1.0:*:*:*:*:*:*:*

Configuration 27 [-]

AND

cpe:2.3:o:tp-link:eap660_hd_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:tp-link:eap660_hd:1.0:::::::*
	cpe:2.3:h:tp-link:eap660_hd:2.0:::::::*

Configuration 28 [-]

AND

cpe:2.3:o:tp-link:eap620_hd_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:tp-link:eap620_hd:3.0:::::::*
	cpe:2.3:h:tp-link:eap620_hd:3.20:::::::*

Configuration 29 [-]

AND

cpe:2.3:o:tp-link:eap610-outdoor_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:tp-link:eap610-outdoor:1.0:::::::*
	cpe:2.3:h:tp-link:eap610-outdoor:1.20:::::::*

Configuration 30 [-]

AND

cpe:2.3:o:tp-link:eap610_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:tp-link:eap610:1.0:::::::*
	cpe:2.3:h:tp-link:eap610:2.0:::::::*

Configuration 31 [-]

AND

cpe:2.3:o:tp-link:eap623-outdoor_hd_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:eap623-outdoor_hd:1.0:*:*:*:*:*:*:*

Configuration 32 [-]

AND

cpe:2.3:o:tp-link:eap625-outdoor_hd_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:eap625-outdoor_hd:1.0:*:*:*:*:*:*:*

Configuration 33 [-]

AND

cpe:2.3:o:tp-link:eap772_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:eap772:2.0:*:*:*:*:*:*:*

Configuration 34 [-]

AND

cpe:2.3:o:tp-link:eap772-outdoor_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:eap772-outdoor:1.0:*:*:*:*:*:*:*

Configuration 35 [-]

AND

cpe:2.3:o:tp-link:eap770_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:eap770:2.0:*:*:*:*:*:*:*

Configuration 36 [-]

AND

cpe:2.3:o:tp-link:eap723_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:eap723:1.0:*:*:*:*:*:*:*

Configuration 37 [-]

AND

cpe:2.3:o:tp-link:eap773_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:eap773:1.0:*:*:*:*:*:*:*

Configuration 38 [-]

AND

cpe:2.3:o:tp-link:eap783_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:eap783:1.0:*:*:*:*:*:*:*

Configuration 39 [-]

AND

cpe:2.3:o:tp-link:eap772_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:eap772:1.0:*:*:*:*:*:*:*

Configuration 40 [-]

AND

cpe:2.3:o:tp-link:eap787_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:eap787:1.0:*:*:*:*:*:*:*

Configuration 41 [-]

AND

cpe:2.3:o:tp-link:eap720_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:eap720:1.0:*:*:*:*:*:*:*

Configuration 42 [-]

AND

cpe:2.3:o:tp-link:eap723_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:eap723:2.0:*:*:*:*:*:*:*

Configuration 43 [-]

AND

cpe:2.3:o:tp-link:eap725-wall_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:eap725-wall:1.0:*:*:*:*:*:*:*

Configuration 44 [-]

AND

cpe:2.3:o:tp-link:eap215_bridge_kit_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:eap215_bridge_kit:3.0:*:*:*:*:*:*:*

Configuration 45 [-]

AND

cpe:2.3:o:tp-link:eap211_bridge_kit_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:eap211_bridge_kit:3.0:*:*:*:*:*:*:*

Configuration 46 [-]

AND

cpe:2.3:o:tp-link:beam_bridge_5_ur_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:beam_bridge_5_ur:1.0:*:*:*:*:*:*:*

Configuration 47 [-]

AND

cpe:2.3:o:tp-link:eap603gp-desktop_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:eap603gp-desktop:1.0:*:*:*:*:*:*:*

Configuration 48 [-]

AND

cpe:2.3:o:tp-link:eap615gp-wall_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:tp-link:eap615gp-wall:1.0:::::::*
	cpe:2.3:h:tp-link:eap615gp-wall:1.20:::::::*

Configuration 49 [-]

AND

cpe:2.3:o:tp-link:eap625gp-wall_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:tp-link:eap625gp-wall:1.0:::::::*
	cpe:2.3:h:tp-link:eap625gp-wall:1.20:::::::*

Configuration 50 [-]

AND

cpe:2.3:o:tp-link:eap610gp-desktop_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:tp-link:eap610gp-desktop:1.0:::::::*
	cpe:2.3:h:tp-link:eap610gp-desktop:1.20:::::::*
	cpe:2.3:h:tp-link:eap610gp-desktop:1.26:::::::*

Configuration 51 [-]

AND

cpe:2.3:o:tp-link:eap650gp-desktop_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:eap650gp-desktop:1.0:*:*:*:*:*:*:*

Configuration 52 [-]

AND

cpe:2.3:o:tp-link:eap653_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:eap653:1.0:*:*:*:*:*:*:*

Configuration 53 [-]

AND

cpe:2.3:o:tp-link:eap650-outdoor_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:eap650-outdoor:1.0:*:*:*:*:*:*:*

Configuration 54 [-]

AND

cpe:2.3:o:tp-link:eap230-wall_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:eap230-wall:1.0:*:*:*:*:*:*:*

Configuration 55 [-]

AND

cpe:2.3:o:tp-link:eap235-wall_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:eap235-wall:1.0:*:*:*:*:*:*:*

Configuration 56 [-]

AND

cpe:2.3:o:tp-link:eap603-outdoor_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:eap603-outdoor:1.0:*:*:*:*:*:*:*

Configuration 57 [-]

AND

cpe:2.3:o:tp-link:eap653_ur_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:eap653_ur:1.0:*:*:*:*:*:*:*

Configuration 58 [-]

AND

cpe:2.3:o:tp-link:eap650-desktop_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:eap650-desktop:1.0:*:*:*:*:*:*:*

Configuration 59 [-]

AND

cpe:2.3:o:tp-link:eap615-wall_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:eap615-wall:1.0:*:*:*:*:*:*:*

Configuration 60 [-]

AND

cpe:2.3:o:tp-link:eap100-bridge_kit_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:eap100-bridge_kit:1.0:*:*:*:*:*:*:*

Configuration 61 [-]

AND

cpe:2.3:o:tp-link:er706w-4g_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:er706w-4g:2.0:*:*:*:*:*:*:*

Configuration 62 [-]

AND

cpe:2.3:a:tp-link:omada_controller:*:*:*:*:-:*:*:*

OR	cpe:2.3:h:tp-link:oc200:1:::::::*
	cpe:2.3:h:tp-link:oc200:2:::::::*
	cpe:2.3:h:tp-link:oc300:1.6:::::::*
	cpe:2.3:h:tp-link:oc400:1.6:::::::*

Configuration 63 [-]

AND

cpe:2.3:a:tp-link:omada_controller:*:*:*:*:-:*:*:*

OR	cpe:2.3:h:tp-link:oc220:1:::::::*
	cpe:2.3:h:tp-link:oc220:2:::::::*

No data.

Vendor	Product	Confidence	Versions
Tp-link	Omada Access Point	—	—
Tp-link	Omada Controller	—	—
Tp-link	Omada Gateway	—	—
Tp-link	Omada Software Controller	—	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

Attack Vector Adjacent Network

Attack Complexity High

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact None

Vulnerable System Availability Impact None

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00028.

Exploitation none

Automatable no

Technical Impact partial

References

Link	Providers
https://support.omadanetworks.com/en/download/
https://support.omadanetworks.com/us/document/114950/
https://support.omadanetworks.com/us/download/

History

Mon, 16 Mar 2026 18:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Tp-link beam Bridge 5 Ur Tp-link beam Bridge 5 Ur Firmware Tp-link dr3220v-4g Tp-link dr3220v-4g Firmware Tp-link dr3650v Tp-link dr3650v-4g Tp-link dr3650v-4g Firmware Tp-link dr3650v Firmware Tp-link eap100-bridge Kit Tp-link eap100-bridge Kit Firmware Tp-link eap211 Bridge Kit Tp-link eap211 Bridge Kit Firmware Tp-link eap215 Bridge Kit Tp-link eap215 Bridge Kit Firmware Tp-link eap230-wall Tp-link eap230-wall Firmware Tp-link eap235-wall Tp-link eap235-wall Firmware Tp-link eap603-outdoor Tp-link eap603-outdoor Firmware Tp-link eap603gp-desktop Tp-link eap603gp-desktop Firmware Tp-link eap610 Tp-link eap610-outdoor Tp-link eap610-outdoor Firmware Tp-link eap610 Firmware Tp-link eap610gp-desktop Tp-link eap610gp-desktop Firmware Tp-link eap615-wall Tp-link eap615-wall Firmware Tp-link eap615gp-wall Tp-link eap615gp-wall Firmware Tp-link eap620 Hd Tp-link eap620 Hd Firmware Tp-link eap623-outdoor Hd Tp-link eap623-outdoor Hd Firmware Tp-link eap625-outdoor Hd Tp-link eap625-outdoor Hd Firmware Tp-link eap625gp-wall Tp-link eap625gp-wall Firmware Tp-link eap650-desktop Tp-link eap650-desktop Firmware Tp-link eap650-outdoor Tp-link eap650-outdoor Firmware Tp-link eap650gp-desktop Tp-link eap650gp-desktop Firmware Tp-link eap653 Tp-link eap653 Firmware Tp-link eap653 Ur Tp-link eap653 Ur Firmware Tp-link eap655-wall Tp-link eap655-wall Firmware Tp-link eap660 Hd Tp-link eap660 Hd Firmware Tp-link eap720 Tp-link eap720 Firmware Tp-link eap723 Tp-link eap723 Firmware Tp-link eap725-wall Tp-link eap725-wall Firmware Tp-link eap770 Tp-link eap770 Firmware Tp-link eap772 Tp-link eap772-outdoor Tp-link eap772-outdoor Firmware Tp-link eap772 Firmware Tp-link eap773 Tp-link eap773 Firmware Tp-link eap783 Tp-link eap783 Firmware Tp-link eap787 Tp-link eap787 Firmware Tp-link er605 Tp-link er605 Firmware Tp-link er605w Tp-link er605w Firmware Tp-link er701-5g-outdoor Tp-link er701-5g-outdoor Firmware Tp-link er703wp-4g-outdoor Tp-link er703wp-4g-outdoor Firmware Tp-link er706w Tp-link er706w-4g Tp-link er706w-4g Firmware Tp-link er706w Firmware Tp-link er706wp-4g Tp-link er706wp-4g Firmware Tp-link er707-m2 Tp-link er707-m2 Firmware Tp-link er7206 Tp-link er7206 Firmware Tp-link er7212pc Tp-link er7212pc Firmware Tp-link er7406 Tp-link er7406 Firmware Tp-link er7412-m2 Tp-link er7412-m2 Firmware Tp-link er8411 Tp-link er8411 Firmware Tp-link fr365 Tp-link fr365 Firmware Tp-link g36w-4g Tp-link g36w-4g Firmware Tp-link oc200 Tp-link oc200 Firmware Tp-link oc220 Tp-link oc220 Firmware Tp-link oc300 Tp-link oc300 Firmware Tp-link oc400 Tp-link oc400 Firmware
Weaknesses		NVD-CWE-noinfo
CPEs		cpe:2.3:a:tp-link:omada_controller:::::-:::* cpe:2.3:a:tp-link:omada_controller:::::cloud:::* cpe:2.3:h:tp-link:beam_bridge_5_ur:1.0:::::::* cpe:2.3:h:tp-link:dr3220v-4g:-:::::::* cpe:2.3:h:tp-link:dr3650v-4g:-:::::::* cpe:2.3:h:tp-link:dr3650v:-:::::::* cpe:2.3:h:tp-link:eap100-bridge_kit:1.0:::::::* cpe:2.3:h:tp-link:eap211_bridge_kit:3.0:::::::* cpe:2.3:h:tp-link:eap215_bridge_kit:3.0:::::::* cpe:2.3:h:tp-link:eap230-wall:1.0:::::::* cpe:2.3:h:tp-link:eap235-wall:1.0:::::::* cpe:2.3:h:tp-link:eap603-outdoor:1.0:::::::* cpe:2.3:h:tp-link:eap603gp-desktop:1.0:::::::* cpe:2.3:h:tp-link:eap610-outdoor:1.0:::::::* cpe:2.3:h:tp-link:eap610-outdoor:1.20:::::::* cpe:2.3:h:tp-link:eap610:1.0:::::::* cpe:2.3:h:tp-link:eap610:2.0:::::::* cpe:2.3:h:tp-link:eap610gp-desktop:1.0:::::::* cpe:2.3:h:tp-link:eap610gp-desktop:1.20:::::::* cpe:2.3:h:tp-link:eap610gp-desktop:1.26:::::::* cpe:2.3:h:tp-link:eap615-wall:1.0:::::::* cpe:2.3:h:tp-link:eap615gp-wall:1.0:::::::* cpe:2.3:h:tp-link:eap615gp-wall:1.20:::::::* cpe:2.3:h:tp-link:eap620_hd:3.0:::::::* cpe:2.3:h:tp-link:eap620_hd:3.20:::::::* cpe:2.3:h:tp-link:eap623-outdoor_hd:1.0:::::::* cpe:2.3:h:tp-link:eap625-outdoor_hd:1.0:::::::* cpe:2.3:h:tp-link:eap625gp-wall:1.0:::::::* cpe:2.3:h:tp-link:eap625gp-wall:1.20:::::::* cpe:2.3:h:tp-link:eap650-desktop:1.0:::::::* cpe:2.3:h:tp-link:eap650-outdoor:1.0:::::::* cpe:2.3:h:tp-link:eap650gp-desktop:1.0:::::::* cpe:2.3:h:tp-link:eap653:1.0:::::::* cpe:2.3:h:tp-link:eap653_ur:1.0:::::::* cpe:2.3:h:tp-link:eap655-wall:1.0:::::::* cpe:2.3:h:tp-link:eap660_hd:1.0:::::::* cpe:2.3:h:tp-link:eap660_hd:2.0:::::::* cpe:2.3:h:tp-link:eap720:1.0:::::::* cpe:2.3:h:tp-link:eap723:1.0:::::::* cpe:2.3:h:tp-link:eap723:2.0:::::::* cpe:2.3:h:tp-link:eap725-wall:1.0:::::::* cpe:2.3:h:tp-link:eap770:2.0:::::::* cpe:2.3:h:tp-link:eap772-outdoor:1.0:::::::* cpe:2.3:h:tp-link:eap772:1.0:::::::* cpe:2.3:h:tp-link:eap772:2.0:::::::* cpe:2.3:h:tp-link:eap773:1.0:::::::* cpe:2.3:h:tp-link:eap783:1.0:::::::* cpe:2.3:h:tp-link:eap787:1.0:::::::* cpe:2.3:h:tp-link:er605:2.0:::::::* cpe:2.3:h:tp-link:er605w:2.0:::::::* cpe:2.3:h:tp-link:er701-5g-outdoor:-:::::::* cpe:2.3:h:tp-link:er703wp-4g-outdoor:-:::::::* cpe:2.3:h:tp-link:er706w-4g:-:::::::* cpe:2.3:h:tp-link:er706w-4g:2.0:::::::* cpe:2.3:h:tp-link:er706w:-:::::::* cpe:2.3:h:tp-link:er706wp-4g:-:::::::* cpe:2.3:h:tp-link:er707-m2:-:::::::* cpe:2.3:h:tp-link:er7206:2.0:::::::* cpe:2.3:h:tp-link:er7212pc:2.0:::::::* cpe:2.3:h:tp-link:er7406:-:::::::* cpe:2.3:h:tp-link:er7412-m2:-:::::::* cpe:2.3:h:tp-link:er8411:-:::::::* cpe:2.3:h:tp-link:fr365:-:::::::* cpe:2.3:h:tp-link:g36w-4g:-:::::::* cpe:2.3:h:tp-link:oc200:1:::::::* cpe:2.3:h:tp-link:oc200:2:::::::* cpe:2.3:h:tp-link:oc220:1:::::::* cpe:2.3:h:tp-link:oc220:2:::::::* cpe:2.3:h:tp-link:oc300:1.6:::::::* cpe:2.3:h:tp-link:oc400:1.6:::::::* cpe:2.3:o:tp-link:beam_bridge_5_ur_firmware:::::::: cpe:2.3:o:tp-link:dr3220v-4g_firmware:::::::: cpe:2.3:o:tp-link:dr3650v-4g_firmware:::::::: cpe:2.3:o:tp-link:dr3650v_firmware:::::::: cpe:2.3:o:tp-link:eap100-bridge_kit_firmware:::::::: cpe:2.3:o:tp-link:eap211_bridge_kit_firmware:::::::: cpe:2.3:o:tp-link:eap215_bridge_kit_firmware:::::::: cpe:2.3:o:tp-link:eap230-wall_firmware:::::::: cpe:2.3:o:tp-link:eap235-wall_firmware:::::::: cpe:2.3:o:tp-link:eap603-outdoor_firmware:::::::: cpe:2.3:o:tp-link:eap603gp-desktop_firmware:::::::: cpe:2.3:o:tp-link:eap610-outdoor_firmware:::::::: cpe:2.3:o:tp-link:eap610_firmware:::::::: cpe:2.3:o:tp-link:eap610gp-desktop_firmware:::::::: cpe:2.3:o:tp-link:eap615-wall_firmware:::::::: cpe:2.3:o:tp-link:eap615gp-wall_firmware:::::::: cpe:2.3:o:tp-link:eap620_hd_firmware:::::::: cpe:2.3:o:tp-link:eap623-outdoor_hd_firmware:::::::: cpe:2.3:o:tp-link:eap625-outdoor_hd_firmware:::::::: cpe:2.3:o:tp-link:eap625gp-wall_firmware:::::::: cpe:2.3:o:tp-link:eap650-desktop_firmware:::::::: cpe:2.3:o:tp-link:eap650-outdoor_firmware:::::::: cpe:2.3:o:tp-link:eap650gp-desktop_firmware:::::::: cpe:2.3:o:tp-link:eap653_firmware:::::::: cpe:2.3:o:tp-link:eap653_ur_firmware:::::::: cpe:2.3:o:tp-link:eap655-wall_firmware:::::::: cpe:2.3:o:tp-link:eap660_hd_firmware:::::::: cpe:2.3:o:tp-link:eap720_firmware:::::::: cpe:2.3:o:tp-link:eap723_firmware:::::::: cpe:2.3:o:tp-link:eap725-wall_firmware:::::::: cpe:2.3:o:tp-link:eap770_firmware:::::::: cpe:2.3:o:tp-link:eap772-outdoor_firmware:::::::: cpe:2.3:o:tp-link:eap772_firmware:::::::: cpe:2.3:o:tp-link:eap773_firmware:::::::: cpe:2.3:o:tp-link:eap783_firmware:::::::: cpe:2.3:o:tp-link:eap787_firmware:::::::: cpe:2.3:o:tp-link:er605_firmware:::::::: cpe:2.3:o:tp-link:er605w_firmware:::::::: cpe:2.3:o:tp-link:er701-5g-outdoor_firmware:::::::: cpe:2.3:o:tp-link:er703wp-4g-outdoor_firmware:::::::: cpe:2.3:o:tp-link:er706w-4g_firmware:::::::: cpe:2.3:o:tp-link:er706w_firmware:::::::: cpe:2.3:o:tp-link:er706wp-4g_firmware:::::::: cpe:2.3:o:tp-link:er707-m2_firmware:::::::: cpe:2.3:o:tp-link:er7206_firmware:::::::: cpe:2.3:o:tp-link:er7212pc_firmware:::::::: cpe:2.3:o:tp-link:er7406_firmware:::::::: cpe:2.3:o:tp-link:er7412-m2_firmware:::::::: cpe:2.3:o:tp-link:er8411_firmware:::::::: cpe:2.3:o:tp-link:fr365_firmware:::::::: cpe:2.3:o:tp-link:g36w-4g_firmware:::::::: cpe:2.3:o:tp-link:oc200_firmware:::::::: cpe:2.3:o:tp-link:oc220_firmware:::::::: cpe:2.3:o:tp-link:oc220_firmware:-:::::::* cpe:2.3:o:tp-link:oc300_firmware:::::::: cpe:2.3:o:tp-link:oc400_firmware::::::::
Vendors & Products		Tp-link beam Bridge 5 Ur Tp-link beam Bridge 5 Ur Firmware Tp-link dr3220v-4g Tp-link dr3220v-4g Firmware Tp-link dr3650v Tp-link dr3650v-4g Tp-link dr3650v-4g Firmware Tp-link dr3650v Firmware Tp-link eap100-bridge Kit Tp-link eap100-bridge Kit Firmware Tp-link eap211 Bridge Kit Tp-link eap211 Bridge Kit Firmware Tp-link eap215 Bridge Kit Tp-link eap215 Bridge Kit Firmware Tp-link eap230-wall Tp-link eap230-wall Firmware Tp-link eap235-wall Tp-link eap235-wall Firmware Tp-link eap603-outdoor Tp-link eap603-outdoor Firmware Tp-link eap603gp-desktop Tp-link eap603gp-desktop Firmware Tp-link eap610 Tp-link eap610-outdoor Tp-link eap610-outdoor Firmware Tp-link eap610 Firmware Tp-link eap610gp-desktop Tp-link eap610gp-desktop Firmware Tp-link eap615-wall Tp-link eap615-wall Firmware Tp-link eap615gp-wall Tp-link eap615gp-wall Firmware Tp-link eap620 Hd Tp-link eap620 Hd Firmware Tp-link eap623-outdoor Hd Tp-link eap623-outdoor Hd Firmware Tp-link eap625-outdoor Hd Tp-link eap625-outdoor Hd Firmware Tp-link eap625gp-wall Tp-link eap625gp-wall Firmware Tp-link eap650-desktop Tp-link eap650-desktop Firmware Tp-link eap650-outdoor Tp-link eap650-outdoor Firmware Tp-link eap650gp-desktop Tp-link eap650gp-desktop Firmware Tp-link eap653 Tp-link eap653 Firmware Tp-link eap653 Ur Tp-link eap653 Ur Firmware Tp-link eap655-wall Tp-link eap655-wall Firmware Tp-link eap660 Hd Tp-link eap660 Hd Firmware Tp-link eap720 Tp-link eap720 Firmware Tp-link eap723 Tp-link eap723 Firmware Tp-link eap725-wall Tp-link eap725-wall Firmware Tp-link eap770 Tp-link eap770 Firmware Tp-link eap772 Tp-link eap772-outdoor Tp-link eap772-outdoor Firmware Tp-link eap772 Firmware Tp-link eap773 Tp-link eap773 Firmware Tp-link eap783 Tp-link eap783 Firmware Tp-link eap787 Tp-link eap787 Firmware Tp-link er605 Tp-link er605 Firmware Tp-link er605w Tp-link er605w Firmware Tp-link er701-5g-outdoor Tp-link er701-5g-outdoor Firmware Tp-link er703wp-4g-outdoor Tp-link er703wp-4g-outdoor Firmware Tp-link er706w Tp-link er706w-4g Tp-link er706w-4g Firmware Tp-link er706w Firmware Tp-link er706wp-4g Tp-link er706wp-4g Firmware Tp-link er707-m2 Tp-link er707-m2 Firmware Tp-link er7206 Tp-link er7206 Firmware Tp-link er7212pc Tp-link er7212pc Firmware Tp-link er7406 Tp-link er7406 Firmware Tp-link er7412-m2 Tp-link er7412-m2 Firmware Tp-link er8411 Tp-link er8411 Firmware Tp-link fr365 Tp-link fr365 Firmware Tp-link g36w-4g Tp-link g36w-4g Firmware Tp-link oc200 Tp-link oc200 Firmware Tp-link oc220 Tp-link oc220 Firmware Tp-link oc300 Tp-link oc300 Firmware Tp-link oc400 Tp-link oc400 Firmware
Metrics		cvssV3_1 `{'score': 5.9, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N'}`

Fri, 23 Jan 2026 20:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Fri, 23 Jan 2026 16:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Tp-link Tp-link omada Access Point Tp-link omada Controller Tp-link omada Gateway Tp-link omada Software Controller
Vendors & Products		Tp-link Tp-link omada Access Point Tp-link omada Controller Tp-link omada Gateway Tp-link omada Software Controller

Thu, 22 Jan 2026 23:30:00 +0000

Type	Values Removed	Values Added
Description		An authentication weakness was identified in Omada Controllers, Gateways and Access Points, controller-device adoption due to improper handling of random values. Exploitation requires advanced network positioning and allows an attacker to intercept adoption traffic and forge valid authentication through offline precomputation, potentially exposing sensitive information and compromising confidentiality.
Title		Authentication Weakness on Omada Controllers, Gateways and Access Points
Weaknesses		CWE-760
References		https://support.omadanetworks.com/en/download/ https://support.omadanetworks.com/us/document/114950/ https://support.omadanetworks.com/us/download/
Metrics		cvssV4_0 `{'score': 6, 'vector': 'CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N'}`

Subscriptions

Tp-link Beam Bridge 5 Ur Beam Bridge 5 Ur Firmware Dr3220v-4g Dr3220v-4g Firmware Dr3650v Dr3650v-4g Dr3650v-4g Firmware Dr3650v Firmware Eap100-bridge Kit Eap100-bridge Kit Firmware Eap211 Bridge Kit Eap211 Bridge Kit Firmware Eap215 Bridge Kit Eap215 Bridge Kit Firmware Eap230-wall Eap230-wall Firmware Eap235-wall Eap235-wall Firmware Eap603-outdoor Eap603-outdoor Firmware Eap603gp-desktop Eap603gp-desktop Firmware Eap610 Eap610-outdoor Eap610-outdoor Firmware Eap610 Firmware Eap610gp-desktop Eap610gp-desktop Firmware Eap615-wall Eap615-wall Firmware Eap615gp-wall Eap615gp-wall Firmware Eap620 Hd Eap620 Hd Firmware Eap623-outdoor Hd Eap623-outdoor Hd Firmware Eap625-outdoor Hd Eap625-outdoor Hd Firmware Eap625gp-wall Eap625gp-wall Firmware Eap650-desktop Eap650-desktop Firmware Eap650-outdoor Eap650-outdoor Firmware Eap650gp-desktop Eap650gp-desktop Firmware Eap653 Eap653 Firmware Eap653 Ur Eap653 Ur Firmware Eap655-wall Eap655-wall Firmware Eap660 Hd Eap660 Hd Firmware Eap720 Eap720 Firmware Eap723 Eap723 Firmware Eap725-wall Eap725-wall Firmware Eap770 Eap770 Firmware Eap772 Eap772-outdoor Eap772-outdoor Firmware Eap772 Firmware Eap773 Eap773 Firmware Eap783 Eap783 Firmware Eap787 Eap787 Firmware Er605 Er605 Firmware Er605w Er605w Firmware Er701-5g-outdoor Er701-5g-outdoor Firmware Er703wp-4g-outdoor Er703wp-4g-outdoor Firmware Er706w Er706w-4g Er706w-4g Firmware Er706w Firmware Er706wp-4g Er706wp-4g Firmware Er707-m2 Er707-m2 Firmware Er7206 Er7206 Firmware Er7212pc Er7212pc Firmware Er7406 Er7406 Firmware Er7412-m2 Er7412-m2 Firmware Er8411 Er8411 Firmware Fr365 Fr365 Firmware G36w-4g G36w-4g Firmware Oc200 Oc200 Firmware Oc220 Oc220 Firmware Oc300 Oc300 Firmware Oc400 Oc400 Firmware Omada Access Point Omada Controller Omada Gateway Omada Software Controller

MITRE

Status: PUBLISHED

Assigner: TPLink

Published: 2026-01-22T23:14:45.823Z

Updated: 2026-01-23T20:04:29.976Z

Reserved: 2025-08-20T22:24:20.340Z

Link: CVE-2025-9290

Vulnrichment

Updated: 2026-01-23T20:04:24.196Z

NVD

Status : Analyzed

Published: 2026-01-23T00:15:52.093

Modified: 2026-03-16T18:07:14.757

Link: CVE-2025-9290

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-01-23T10:27:06Z

Weaknesses

Tracking

Attack Vector Adjacent Network

Attack Complexity High

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact None

Vulnerable System Availability Impact None

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object