← Voltar para CVEs
CVE-2025-7851
CRITICAL9.8
Descricao
An attacker may obtain the root shell on the underlying OS system with the restricted conditions on Omada gateways.
Detalhes CVE
Pontuacao CVSS v3.19.8
SeveridadeCRITICAL
Vetor CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vetor de ataqueNETWORK
ComplexidadeLOW
Privilegios necessariosNONE
Interacao do usuarioNONE
Publicado10/21/2025
Ultima modificacao10/24/2025
Fontenvd
Avistamentos honeypot0
Produtos afetados
tp-link:er605tp-link:er605_firmwaretp-link:er706wtp-link:er706w-4gtp-link:er706w-4g_firmwaretp-link:er706w_firmwaretp-link:er707-m2tp-link:er707-m2_firmwaretp-link:er7206tp-link:er7206_firmwaretp-link:er7212pctp-link:er7212pc_firmwaretp-link:er7412-m2tp-link:er7412-m2_firmwaretp-link:er8411tp-link:er8411_firmwaretp-link:fr205tp-link:fr205_firmwaretp-link:fr307-m2tp-link:fr307-m2_firmwaretp-link:fr365tp-link:fr365_firmwaretp-link:g36tp-link:g36_firmwaretp-link:g611tp-link:g611_firmware
Fraquezas (CWE)
CWE-269
Referencias
https://support.omadanetworks.com/en/document/108456/(f23511db-6c3e-4e32-a477-6aa17d310630)
https://www.forescout.com/blog/new-tp-link-router-vulnerabilities-a-primer-on-rooting-routers/(f23511db-6c3e-4e32-a477-6aa17d310630)
https://www.omadanetworks.com/us/business-networking/all-omada-router/(f23511db-6c3e-4e32-a477-6aa17d310630)
https://www.omadanetworks.com/us/business-networking/omada-pro-router-wired-router/(f23511db-6c3e-4e32-a477-6aa17d310630)
https://www.tp-link.com/us/business-networking/soho-festa-gateway/(f23511db-6c3e-4e32-a477-6aa17d310630)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.