CVE-2025-9293

{"id": "CVE-2025-9293", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.2}], "cvssMetricV40": [{"type": "Secondary", "source": "f23511db-6c3e-4e32-a477-6aa17d310630", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 7.7, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "PASSIVE", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "LOW", "vulnConfidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2026-02-13T02:16:46.523", "references": [{"url": "https://www.omadanetworks.com/us/support/faq/4969/", "tags": ["Vendor Advisory"], "source": "f23511db-6c3e-4e32-a477-6aa17d310630"}, {"url": "https://www.tp-link.com/us/support/faq/4969/", "tags": ["Vendor Advisory"], "source": "f23511db-6c3e-4e32-a477-6aa17d310630"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "f23511db-6c3e-4e32-a477-6aa17d310630", "description": [{"lang": "en", "value": "CWE-295"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the certificate validation logic may allow applications to accept untrusted or improperly validated server identities during TLS communication. An attacker in a privileged network position may be able to intercept or modify traffic if they can position themselves within the communication channel. Successful exploitation may compromise confidentiality, integrity, and availability of application data."}, {"lang": "es", "value": "Una vulnerabilidad en la l\u00f3gica de validaci\u00f3n de certificados puede permitir a las aplicaciones aceptar identidades de servidor no confiables o validadas incorrectamente durante la comunicaci\u00f3n TLS. Un atacante en una posici\u00f3n de red privilegiada puede ser capaz de interceptar o modificar el tr\u00e1fico si pueden posicionarse dentro del canal de comunicaci\u00f3n. La explotaci\u00f3n exitosa puede comprometer la confidencialidad, la integridad y la disponibilidad de los datos de la aplicaci\u00f3n."}], "lastModified": "2026-04-01T20:49:52.653", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:tp-link:aginet:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "917B801C-D1EE-498D-9D89-7CD6FDF22096", "versionEndExcluding": "2.13.6"}, {"criteria": "cpe:2.3:a:tp-link:deco:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "74600A45-B793-4C34-9C72-8BAED1555097", "versionEndExcluding": "3.9.163"}, {"criteria": "cpe:2.3:a:tp-link:festa:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8C4235A8-87CF-48F8-B0BD-96124FDA850B", "versionEndExcluding": "1.7.1"}, {"criteria": "cpe:2.3:a:tp-link:kasa:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "27D5C0B8-67C4-440B-A0B5-B0B4E8126DC5", "versionEndExcluding": "3.4.350"}, {"criteria": "cpe:2.3:a:tp-link:kidshield:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E50BF815-D85D-437C-891E-61B49F6E9AC5", "versionEndExcluding": "1.1.21"}, {"criteria": "cpe:2.3:a:tp-link:omada:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6B2DD98D-424D-453A-B472-9E7349E4B887", "versionEndExcluding": "4.25.25"}, {"criteria": "cpe:2.3:a:tp-link:omada_guard:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1EE9425F-E87A-4C39-8F4D-3CEEC10B92D6", "versionEndExcluding": "1.1.28"}, {"criteria": "cpe:2.3:a:tp-link:tapo:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "857482B8-F8BA-4F53-BE48-55FC91FD32CF", "versionEndExcluding": "3.14.111"}, {"criteria": "cpe:2.3:a:tp-link:tether:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "50BFDEFF-D76D-4AAB-8DDB-4620F5584A08", "versionEndExcluding": "4.12.27"}, {"criteria": "cpe:2.3:a:tp-link:tp-partner:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "682309A2-16A9-483F-A789-0C1A412A7005", "versionEndExcluding": "2.0.1"}, {"criteria": "cpe:2.3:a:tp-link:tpcamera:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BE3C3AA7-1F72-466B-B0AA-F26D43E4A301", "versionEndExcluding": "3.2.17"}, {"criteria": "cpe:2.3:a:tp-link:vigi:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3563E8AC-D931-4C07-BD5F-D35DB9BC8456", "versionEndExcluding": "2.7.70"}, {"criteria": "cpe:2.3:a:tp-link:wi-fi_navi:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "51EF281C-A391-49C2-A826-F2C2E46D820D", "versionEndExcluding": "1.5.5"}, {"criteria": "cpe:2.3:a:tp-link:wifi_toolkit:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BFD2DCF8-1D59-478F-868D-3D503D68B009", "versionEndExcluding": "1.4.28"}], "operator": "OR"}]}], "sourceIdentifier": "f23511db-6c3e-4e32-a477-6aa17d310630"}