CVE-2025-9290

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-9290
An authentication weakness was identified in Omada Controllers, Gateways and Access Points, controller-device adoption due to improper handling of random values. Exploitation requires advanced network positioning and allows an attacker to intercept adoption traffic and forge valid authentication through offline precomputation, potentially exposing sensitive information and compromising confidentiality.

5.9 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.2 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://support.omadanetworks.com/en/download/ Product
https://support.omadanetworks.com/us/document/114950/ Vendor Advisory
https://support.omadanetworks.com/us/download/ Product
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:tp-link:omada_controller:*:*:*:*:-:*:*:*
cpe:2.3:a:tp-link:omada_controller:*:*:*:*:cloud:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:tp-link:oc200_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:oc200:1:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:tp-link:oc220_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:oc220:1:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:tp-link:oc300_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:oc300:1.6:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:tp-link:oc400_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:oc400:1.6:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:tp-link:oc200_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:oc200:2:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:tp-link:oc220_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:oc220:2:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:tp-link:er605_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:er605:2.0:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:tp-link:er7206_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:er7206:2.0:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:tp-link:er7406_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:er7406:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:tp-link:er707-m2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:er707-m2:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:tp-link:er7412-m2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:er7412-m2:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:tp-link:er8411_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:er8411:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:tp-link:er706w_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:er706w:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:tp-link:er706w-4g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:er706w-4g:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:tp-link:er706wp-4g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:er706wp-4g:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND
cpe:2.3:o:tp-link:er703wp-4g-outdoor_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:er703wp-4g-outdoor:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND
cpe:2.3:o:tp-link:dr3220v-4g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:dr3220v-4g:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND
cpe:2.3:o:tp-link:dr3650v-4g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:dr3650v-4g:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND
cpe:2.3:o:tp-link:dr3650v_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:dr3650v:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND
cpe:2.3:o:tp-link:er701-5g-outdoor_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:er701-5g-outdoor:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND
cpe:2.3:o:tp-link:er605w_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:er605w:2.0:*:*:*:*:*:*:*

Configuration 23 (hide)

AND
cpe:2.3:o:tp-link:er7212pc_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:er7212pc:2.0:*:*:*:*:*:*:*

Configuration 24 (hide)

AND
cpe:2.3:o:tp-link:fr365_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:fr365:-:*:*:*:*:*:*:*

Configuration 25 (hide)

AND
cpe:2.3:o:tp-link:g36w-4g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:g36w-4g:-:*:*:*:*:*:*:*

Configuration 26 (hide)

AND
cpe:2.3:o:tp-link:eap655-wall_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap655-wall:1.0:*:*:*:*:*:*:*

Configuration 27 (hide)

AND
cpe:2.3:o:tp-link:eap660_hd_firmware:*:*:*:*:*:*:*:*
OR cpe:2.3:h:tp-link:eap660_hd:1.0:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap660_hd:2.0:*:*:*:*:*:*:*

Configuration 28 (hide)

AND
cpe:2.3:o:tp-link:eap620_hd_firmware:*:*:*:*:*:*:*:*
OR cpe:2.3:h:tp-link:eap620_hd:3.0:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap620_hd:3.20:*:*:*:*:*:*:*

Configuration 29 (hide)

AND
cpe:2.3:o:tp-link:eap610-outdoor_firmware:*:*:*:*:*:*:*:*
OR cpe:2.3:h:tp-link:eap610-outdoor:1.0:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap610-outdoor:1.20:*:*:*:*:*:*:*

Configuration 30 (hide)

AND
cpe:2.3:o:tp-link:eap610_firmware:*:*:*:*:*:*:*:*
OR cpe:2.3:h:tp-link:eap610:1.0:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap610:2.0:*:*:*:*:*:*:*

Configuration 31 (hide)

AND
cpe:2.3:o:tp-link:eap623-outdoor_hd_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap623-outdoor_hd:1.0:*:*:*:*:*:*:*

Configuration 32 (hide)

AND
cpe:2.3:o:tp-link:eap625-outdoor_hd_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap625-outdoor_hd:1.0:*:*:*:*:*:*:*

Configuration 33 (hide)

AND
cpe:2.3:o:tp-link:eap772_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap772:2.0:*:*:*:*:*:*:*

Configuration 34 (hide)

AND
cpe:2.3:o:tp-link:eap772-outdoor_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap772-outdoor:1.0:*:*:*:*:*:*:*

Configuration 35 (hide)

AND
cpe:2.3:o:tp-link:eap770_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap770:2.0:*:*:*:*:*:*:*

Configuration 36 (hide)

AND
cpe:2.3:o:tp-link:eap723_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap723:1.0:*:*:*:*:*:*:*

Configuration 37 (hide)

AND
cpe:2.3:o:tp-link:eap773_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap773:1.0:*:*:*:*:*:*:*

Configuration 38 (hide)

AND
cpe:2.3:o:tp-link:eap783_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap783:1.0:*:*:*:*:*:*:*

Configuration 39 (hide)

AND
cpe:2.3:o:tp-link:eap772_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap772:1.0:*:*:*:*:*:*:*

Configuration 40 (hide)

AND
cpe:2.3:o:tp-link:eap787_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap787:1.0:*:*:*:*:*:*:*

Configuration 41 (hide)

AND
cpe:2.3:o:tp-link:eap720_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap720:1.0:*:*:*:*:*:*:*

Configuration 42 (hide)

AND
cpe:2.3:o:tp-link:eap723_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap723:2.0:*:*:*:*:*:*:*

Configuration 43 (hide)

AND
cpe:2.3:o:tp-link:eap725-wall_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap725-wall:1.0:*:*:*:*:*:*:*

Configuration 44 (hide)

AND
cpe:2.3:o:tp-link:eap215_bridge_kit_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap215_bridge_kit:3.0:*:*:*:*:*:*:*

Configuration 45 (hide)

AND
cpe:2.3:o:tp-link:eap211_bridge_kit_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap211_bridge_kit:3.0:*:*:*:*:*:*:*

Configuration 46 (hide)

AND
cpe:2.3:o:tp-link:beam_bridge_5_ur_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:beam_bridge_5_ur:1.0:*:*:*:*:*:*:*

Configuration 47 (hide)

AND
cpe:2.3:o:tp-link:eap603gp-desktop_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap603gp-desktop:1.0:*:*:*:*:*:*:*

Configuration 48 (hide)

AND
cpe:2.3:o:tp-link:eap615gp-wall_firmware:*:*:*:*:*:*:*:*
OR cpe:2.3:h:tp-link:eap615gp-wall:1.0:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap615gp-wall:1.20:*:*:*:*:*:*:*

Configuration 49 (hide)

AND
cpe:2.3:o:tp-link:eap625gp-wall_firmware:*:*:*:*:*:*:*:*
OR cpe:2.3:h:tp-link:eap625gp-wall:1.0:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap625gp-wall:1.20:*:*:*:*:*:*:*

Configuration 50 (hide)

AND
cpe:2.3:o:tp-link:eap610gp-desktop_firmware:*:*:*:*:*:*:*:*
OR cpe:2.3:h:tp-link:eap610gp-desktop:1.0:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap610gp-desktop:1.20:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap610gp-desktop:1.26:*:*:*:*:*:*:*

Configuration 51 (hide)

AND
cpe:2.3:o:tp-link:eap650gp-desktop_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap650gp-desktop:1.0:*:*:*:*:*:*:*

Configuration 52 (hide)

AND
cpe:2.3:o:tp-link:eap653_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap653:1.0:*:*:*:*:*:*:*

Configuration 53 (hide)

AND
cpe:2.3:o:tp-link:eap650-outdoor_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap650-outdoor:1.0:*:*:*:*:*:*:*

Configuration 54 (hide)

AND
cpe:2.3:o:tp-link:eap230-wall_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap230-wall:1.0:*:*:*:*:*:*:*

Configuration 55 (hide)

AND
cpe:2.3:o:tp-link:eap235-wall_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap235-wall:1.0:*:*:*:*:*:*:*

Configuration 56 (hide)

AND
cpe:2.3:o:tp-link:eap603-outdoor_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap603-outdoor:1.0:*:*:*:*:*:*:*

Configuration 57 (hide)

AND
cpe:2.3:o:tp-link:eap653_ur_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap653_ur:1.0:*:*:*:*:*:*:*

Configuration 58 (hide)

AND
cpe:2.3:o:tp-link:eap650-desktop_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap650-desktop:1.0:*:*:*:*:*:*:*

Configuration 59 (hide)

AND
cpe:2.3:o:tp-link:eap615-wall_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap615-wall:1.0:*:*:*:*:*:*:*

Configuration 60 (hide)

AND
cpe:2.3:o:tp-link:eap100-bridge_kit_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap100-bridge_kit:1.0:*:*:*:*:*:*:*

Configuration 61 (hide)

AND
cpe:2.3:o:tp-link:er706w-4g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:er706w-4g:2.0:*:*:*:*:*:*:*

Configuration 62 (hide)

AND
cpe:2.3:a:tp-link:omada_controller:*:*:*:*:-:*:*:*
OR cpe:2.3:h:tp-link:oc200:1:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:oc200:2:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:oc300:1.6:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:oc400:1.6:*:*:*:*:*:*:*

Configuration 63 (hide)

AND
cpe:2.3:a:tp-link:omada_controller:*:*:*:*:-:*:*:*
OR cpe:2.3:h:tp-link:oc220:1:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:oc220:2:*:*:*:*:*:*:*
History

16 Mar 2026, 18:07

Type Values Removed Values Added
CPE cpe:2.3:o:tp-link:eap772-outdoor_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:eap772_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:er701-5g-outdoor_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap653:1.0:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:eap615gp-wall_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap787:1.0:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:oc200:1:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap723:2.0:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap230-wall:1.0:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap610:2.0:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:er7206:2.0:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:er706wp-4g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:er703wp-4g-outdoor_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:oc400:1.6:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:eap603gp-desktop_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:er7412-m2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:er605:2.0:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap615gp-wall:1.20:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:er7206_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:fr365:-:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:er605w:2.0:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:er7412-m2:-:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:eap211_bridge_kit_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:eap623-outdoor_hd_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:er707-m2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:dr3650v-4g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap625-outdoor_hd:1.0:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap723:1.0:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:eap653_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap211_bridge_kit:3.0:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:eap720_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:dr3220v-4g:-:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:eap723_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap100-bridge_kit:1.0:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:er703wp-4g-outdoor:-:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap720:1.0:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:er605_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap660_hd:1.0:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap620_hd:3.0:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:oc300:1.6:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap725-wall:1.0:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:eap725-wall_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap650-outdoor:1.0:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap610gp-desktop:1.20:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:er707-m2:-:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:eap783_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap623-outdoor_hd:1.0:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:oc400_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap610gp-desktop:1.0:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:eap773_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:eap650-outdoor_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:eap650gp-desktop_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:er706w-4g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap603gp-desktop:1.0:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:oc300_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:er605w_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:er706w_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:eap610-outdoor_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:eap620_hd_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap772:1.0:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:eap230-wall_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap620_hd:3.20:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap772-outdoor:1.0:*:*:*:*:*:*:*
cpe:2.3:a:tp-link:omada_controller:*:*:*:*:-:*:*:*
cpe:2.3:h:tp-link:eap653_ur:1.0:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:eap610gp-desktop_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:g36w-4g:-:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap610:1.0:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:eap625gp-wall_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:oc220:2:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap660_hd:2.0:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap610-outdoor:1.20:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:er7212pc:2.0:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap610gp-desktop:1.26:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:oc220:1:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap615-wall:1.0:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:beam_bridge_5_ur_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:eap215_bridge_kit_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:dr3650v_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:er7406:-:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:eap650-desktop_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:fr365_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap783:1.0:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:eap615-wall_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:eap660_hd_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:eap100-bridge_kit_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:er7406_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:oc220_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:eap655-wall_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:eap235-wall_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:eap653_ur_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:er7212pc_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:beam_bridge_5_ur:1.0:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap650-desktop:1.0:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:eap787_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap625gp-wall:1.20:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:er706w-4g:2.0:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap610-outdoor:1.0:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:oc200:2:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap770:2.0:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:er701-5g-outdoor:-:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:er706w:-:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:er706wp-4g:-:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:er8411_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap625gp-wall:1.0:*:*:*:*:*:*:*
cpe:2.3:a:tp-link:omada_controller:*:*:*:*:cloud:*:*:*
cpe:2.3:o:tp-link:oc220_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:dr3220v-4g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap650gp-desktop:1.0:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap615gp-wall:1.0:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap235-wall:1.0:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:oc200_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:eap770_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap655-wall:1.0:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap603-outdoor:1.0:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:dr3650v:-:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap215_bridge_kit:3.0:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:eap603-outdoor_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:dr3650v-4g:-:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:er706w-4g:-:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap773:1.0:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:g36w-4g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:eap610_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:eap625-outdoor_hd_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:er8411:-:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:eap772:2.0:*:*:*:*:*:*:*
First Time Tp-link er701-5g-outdoor Firmware
Tp-link er7212pc
Tp-link er707-m2 Firmware
Tp-link eap772-outdoor
Tp-link dr3220v-4g
Tp-link er706w
Tp-link oc200 Firmware
Tp-link eap615-wall
Tp-link eap100-bridge Kit
Tp-link er7212pc Firmware
Tp-link eap603-outdoor Firmware
Tp-link dr3650v
Tp-link g36w-4g
Tp-link dr3650v Firmware
Tp-link eap610-outdoor Firmware
Tp-link fr365
Tp-link eap610gp-desktop Firmware
Tp-link eap723 Firmware
Tp-link eap235-wall Firmware
Tp-link eap787 Firmware
Tp-link er7206
Tp-link eap215 Bridge Kit
Tp-link eap770
Tp-link er605w Firmware
Tp-link eap653 Ur Firmware
Tp-link er605w
Tp-link eap625gp-wall Firmware
Tp-link g36w-4g Firmware
Tp-link eap660 Hd
Tp-link dr3650v-4g
Tp-link eap211 Bridge Kit
Tp-link eap650-desktop Firmware
Tp-link eap603gp-desktop
Tp-link eap650-outdoor Firmware
Tp-link er8411
Tp-link eap655-wall Firmware
Tp-link eap620 Hd Firmware
Tp-link eap650-desktop
Tp-link eap723
Tp-link eap625-outdoor Hd Firmware
Tp-link eap615gp-wall
Tp-link eap623-outdoor Hd
Tp-link eap623-outdoor Hd Firmware
Tp-link oc300
Tp-link eap610gp-desktop
Tp-link eap625-outdoor Hd
Tp-link eap653
Tp-link
Tp-link omada Controller
Tp-link er706wp-4g Firmware
Tp-link eap773
Tp-link er706w-4g Firmware
Tp-link eap655-wall
Tp-link eap610 Firmware
Tp-link eap235-wall
Tp-link eap653 Ur
Tp-link eap720
Tp-link dr3220v-4g Firmware
Tp-link er706w-4g
Tp-link er7412-m2
Tp-link er7406
Tp-link eap215 Bridge Kit Firmware
Tp-link eap100-bridge Kit Firmware
Tp-link eap650gp-desktop Firmware
Tp-link eap772 Firmware
Tp-link eap615gp-wall Firmware
Tp-link dr3650v-4g Firmware
Tp-link eap603-outdoor
Tp-link eap230-wall
Tp-link oc400 Firmware
Tp-link eap720 Firmware
Tp-link eap770 Firmware
Tp-link oc220 Firmware
Tp-link eap230-wall Firmware
Tp-link eap773 Firmware
Tp-link eap787
Tp-link eap772-outdoor Firmware
Tp-link eap660 Hd Firmware
Tp-link eap610
Tp-link er7406 Firmware
Tp-link eap625gp-wall
Tp-link er707-m2
Tp-link er605
Tp-link eap725-wall
Tp-link er706wp-4g
Tp-link fr365 Firmware
Tp-link eap783
Tp-link eap650-outdoor
Tp-link oc220
Tp-link er703wp-4g-outdoor
Tp-link eap615-wall Firmware
Tp-link eap603gp-desktop Firmware
Tp-link eap653 Firmware
Tp-link er7412-m2 Firmware
Tp-link eap783 Firmware
Tp-link oc200
Tp-link oc400
Tp-link eap772
Tp-link eap725-wall Firmware
Tp-link eap610-outdoor
Tp-link er8411 Firmware
Tp-link beam Bridge 5 Ur
Tp-link er706w Firmware
Tp-link er7206 Firmware
Tp-link eap650gp-desktop
Tp-link eap620 Hd
Tp-link beam Bridge 5 Ur Firmware
Tp-link oc300 Firmware
Tp-link eap211 Bridge Kit Firmware
Tp-link er701-5g-outdoor
Tp-link er703wp-4g-outdoor Firmware
Tp-link er605 Firmware
Summary
  • (es) Una debilidad de autenticación fue identificada en los controladores Omada, gateways y puntos de acceso, en la adopción controlador-dispositivo debido a un manejo inadecuado de valores aleatorios. La explotación requiere un posicionamiento de red avanzado y permite a un atacante interceptar el tráfico de adopción y falsificar una autenticación válida mediante precomputación fuera de línea, exponiendo potencialmente información sensible y comprometiendo la confidencialidad.
CWE NVD-CWE-noinfo
References () https://support.omadanetworks.com/en/download/ - () https://support.omadanetworks.com/en/download/ - Product
References () https://support.omadanetworks.com/us/document/114950/ - () https://support.omadanetworks.com/us/document/114950/ - Vendor Advisory
References () https://support.omadanetworks.com/us/download/ - () https://support.omadanetworks.com/us/download/ - Product
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 5.9

23 Jan 2026, 00:15

Type Values Removed Values Added
New CVE
Information

Published : 2026-01-23 00:15

Updated : 2026-03-16 18:07

NVD link : CVE-2025-9290

Mitre link : CVE-2025-9290

CVE.ORG link : CVE-2025-9290

JSON object : View

Products Affected

tp-link

  • eap772
  • eap787
  • eap625gp-wall_firmware
  • eap653_ur
  • oc400
  • oc220_firmware
  • eap720_firmware
  • eap603-outdoor_firmware
  • er703wp-4g-outdoor_firmware
  • eap615gp-wall
  • er706w-4g_firmware
  • eap603-outdoor
  • eap623-outdoor_hd_firmware
  • eap100-bridge_kit
  • fr365_firmware
  • eap610_firmware
  • eap650-outdoor
  • eap723_firmware
  • er7212pc
  • eap660_hd
  • eap720
  • er701-5g-outdoor
  • er707-m2
  • eap615gp-wall_firmware
  • eap650gp-desktop
  • g36w-4g
  • oc300
  • dr3650v-4g_firmware
  • er7406
  • eap653_ur_firmware
  • eap725-wall
  • eap650-desktop_firmware
  • g36w-4g_firmware
  • eap230-wall_firmware
  • eap787_firmware
  • eap655-wall_firmware
  • eap235-wall_firmware
  • dr3650v_firmware
  • er706wp-4g_firmware
  • eap653
  • er706wp-4g
  • eap625-outdoor_hd
  • eap772_firmware
  • eap650-desktop
  • eap235-wall
  • oc220
  • er706w-4g
  • eap603gp-desktop
  • er8411_firmware
  • oc200
  • er703wp-4g-outdoor
  • eap653_firmware
  • eap610-outdoor_firmware
  • eap211_bridge_kit
  • eap772-outdoor_firmware
  • eap615-wall_firmware
  • er7406_firmware
  • eap772-outdoor
  • fr365
  • er706w
  • er7212pc_firmware
  • eap770_firmware
  • beam_bridge_5_ur
  • er707-m2_firmware
  • dr3220v-4g_firmware
  • er8411
  • eap783_firmware
  • eap610-outdoor
  • oc400_firmware
  • dr3220v-4g
  • er7412-m2_firmware
  • eap603gp-desktop_firmware
  • eap625-outdoor_hd_firmware
  • er7206_firmware
  • eap655-wall
  • eap620_hd_firmware
  • eap610gp-desktop_firmware
  • er706w_firmware
  • eap660_hd_firmware
  • er701-5g-outdoor_firmware
  • er7412-m2
  • eap211_bridge_kit_firmware
  • er7206
  • eap650-outdoor_firmware
  • dr3650v-4g
  • eap625gp-wall
  • eap215_bridge_kit
  • er605
  • eap100-bridge_kit_firmware
  • eap610
  • eap620_hd
  • eap610gp-desktop
  • eap650gp-desktop_firmware
  • er605w
  • eap230-wall
  • eap725-wall_firmware
  • oc300_firmware
  • eap783
  • er605w_firmware
  • eap770
  • eap773_firmware
  • oc200_firmware
  • er605_firmware
  • eap615-wall
  • dr3650v
  • beam_bridge_5_ur_firmware
  • eap623-outdoor_hd
  • eap215_bridge_kit_firmware
  • eap723
  • omada_controller
  • eap773
CWE
CWE-760

Use of a One-Way Hash with a Predictable Salt

NVD-CWE-noinfo