← Voltar para CVEs
CVE-2026-1668
CRITICAL9.8
Descricao
The web interface on multiple Omada switches does not adequately validate certain external inputs, which may lead to out-of-bound memory access when processing crafted requests. Under specific conditions, this flaw may result in unintended command execution.<br>An unauthenticated attacker with network access to the affected interface may cause memory corruption, service instability, or information disclosure. Successful exploitation may allow remote code execution or denial-of-service.
Detalhes CVE
Pontuacao CVSS v3.19.8
SeveridadeCRITICAL
Vetor CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vetor de ataqueNETWORK
ComplexidadeLOW
Privilegios necessariosNONE
Interacao do usuarioNONE
Publicado3/13/2026
Ultima modificacao4/2/2026
Fontenvd
Avistamentos honeypot0
Produtos afetados
tp-link:omada_sg2005p-pdtp-link:omada_sg2005p-pd_firmwaretp-link:omada_sg2008tp-link:omada_sg2008_firmwaretp-link:omada_sg2008ptp-link:omada_sg2008p_firmwaretp-link:omada_sg2016ptp-link:omada_sg2016p_firmwaretp-link:omada_sg2210mptp-link:omada_sg2210mp_firmwaretp-link:omada_sg2210ptp-link:omada_sg2210p_firmwaretp-link:omada_sg2210xmp-m2tp-link:omada_sg2210xmp-m2_firmwaretp-link:omada_sg2218tp-link:omada_sg2218_firmwaretp-link:omada_sg2218ptp-link:omada_sg2218p_firmwaretp-link:omada_sg2428lptp-link:omada_sg2428lp_firmwaretp-link:omada_sg2428ptp-link:omada_sg2428p_firmwaretp-link:omada_sg2452lptp-link:omada_sg2452lp_firmwaretp-link:omada_sg3210tp-link:omada_sg3210_firmwaretp-link:omada_sg3210x-m2tp-link:omada_sg3210x-m2_firmwaretp-link:omada_sg3210xhp-m2tp-link:omada_sg3210xhp-m2_firmwaretp-link:omada_sg3218xp-m2tp-link:omada_sg3218xp-m2_firmwaretp-link:omada_sg3428tp-link:omada_sg3428_firmwaretp-link:omada_sg3428mptp-link:omada_sg3428mp_firmwaretp-link:omada_sg3428xtp-link:omada_sg3428x-m2tp-link:omada_sg3428x-m2_firmwaretp-link:omada_sg3428x_firmwaretp-link:omada_sg3428xftp-link:omada_sg3428xf_firmwaretp-link:omada_sg3428xmptp-link:omada_sg3428xmp_firmwaretp-link:omada_sg3428xmpptp-link:omada_sg3428xmpp_firmwaretp-link:omada_sg3428xpp-m2tp-link:omada_sg3428xpp-m2_firmwaretp-link:omada_sg3452tp-link:omada_sg3452_firmwaretp-link:omada_sg3452ptp-link:omada_sg3452p_firmwaretp-link:omada_sg3452xtp-link:omada_sg3452x_firmwaretp-link:omada_sg3452xmpptp-link:omada_sg3452xmpp_firmwaretp-link:omada_sg3452xptp-link:omada_sg3452xp_firmwaretp-link:omada_sl2428ptp-link:omada_sl2428p_firmwaretp-link:omada_sx3008ftp-link:omada_sx3008f_firmwaretp-link:omada_sx3016ftp-link:omada_sx3016f_firmwaretp-link:omada_sx3032ftp-link:omada_sx3032f_firmwaretp-link:omada_sx3206hpptp-link:omada_sx3206hpp_firmwaretp-link:omada_sx3832tp-link:omada_sx3832_firmwaretp-link:omada_sx3832mpptp-link:omada_sx3832mpp_firmwaretp-link:omada_tl-sg2428ptp-link:omada_tl-sg2428p_firmwaretp-link:omada_tl-sg3428mptp-link:omada_tl-sg3428mp_firmwaretp-link:omada_tl-sg3452ptp-link:omada_tl-sg3452p_firmware
Fraquezas (CWE)
CWE-20CWE-787
Referencias
https://support.omadanetworks.com/au/download/firmware/(f23511db-6c3e-4e32-a477-6aa17d310630)
https://support.omadanetworks.com/en/download/firmware/(f23511db-6c3e-4e32-a477-6aa17d310630)
https://support.omadanetworks.com/us/document/118794/(f23511db-6c3e-4e32-a477-6aa17d310630)
https://support.omadanetworks.com/us/product/(f23511db-6c3e-4e32-a477-6aa17d310630)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.