CVE-2025-9290
CVE-2025-9290 is a medium-severity vulnerability: the CVSS v3.1 vector listed under Metrics computes to a base score of 5.9 (the 6/10 headline figure rounds this). It is an authentication weakness in the controller-device adoption of TP-Link Omada Controllers, Gateways and Access Points caused by improper handling of random values. An attacker positioned to intercept adoption traffic can forge valid authentication through offline precomputation, exposing sensitive information; only confidentiality is scored as impacted (no integrity or availability impact). The two vectors differ on reach: v3.1 scores the attack as network-reachable (AV:N) while v4.0 scores it as adjacent (AV:A), which matches the stated requirement to intercept adoption traffic; both rate attack complexity as High. EPSS estimates a 0.20% chance of exploitation in the next 30 days.
Description
An authentication weakness was identified in Omada Controllers, Gateways and Access Points, controller-device adoption due to improper handling of random values. Exploitation requires advanced network positioning and allows an attacker to intercept adoption traffic and forge valid authentication through offline precomputation, potentially exposing sensitive information and compromising confidentiality.
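The description says the adoption handshake mishandles random values and that an attacker who intercepts the traffic can forge authentication by precomputing offline. The following Python model illustrates that class of weakness. It is an added example written for this page; it is not TP-Link's code, not the Omada adoption protocol, and not the actual CVE-2025-9290 defect. It assumes a hypothetical handshake in which a 128-bit token from a non-cryptographic PRNG with a small, guessable seed (`SEED_BITS`, `weak_token`) keys the HMAC over an adoption message; the seed value, the message strings and every function name are constructed for the demo.

```python
"""Hypothetical model of a weak-randomness authentication flaw.

NOT TP-Link's code and NOT the Omada adoption protocol: an illustration of
the weakness class only. A 128-bit 'random' token keys an HMAC over an
adoption message, but the token comes from a non-cryptographic PRNG whose
seed lies in a tiny, enumerable range, so one intercepted exchange lets an
attacker recover it entirely offline and forge new messages.
"""
import hashlib
import hmac
import random
import secrets
from typing import Optional

SEED_BITS = 16  # assumption for the demo: 2**16 possible seeds (e.g. uptime in seconds, a counter)

# Constructed sample traffic; not captured from any real device.
CAPTURED_MSG = b"ADOPT device=aa:bb:cc:dd:ee:ff controller=10.0.0.2"
FORGED_MSG = b"ADOPT device=aa:bb:cc:dd:ee:ff controller=10.0.0.99"


def weak_token(seed: int) -> bytes:
    """Vulnerable pattern: 128 bits from Mersenne Twister seeded with a small value.

    The output looks random, but its entropy is only SEED_BITS: anyone who
    can enumerate the seeds can regenerate every token the device may use.
    """
    return random.Random(seed).getrandbits(128).to_bytes(16, "big")


def strong_token() -> bytes:
    """Hardened pattern: 128 bits from the OS CSPRNG; there is no seed to guess."""
    return secrets.token_bytes(16)


def authenticate(token: bytes, message: bytes) -> bytes:
    """Tag an adoption message with HMAC-SHA256 keyed by the session token."""
    return hmac.new(token, message, hashlib.sha256).digest()


def verify(token: bytes, message: bytes, tag: bytes) -> bool:
    """Verifier side: constant-time comparison against the expected tag."""
    return hmac.compare_digest(authenticate(token, message), tag)


def recover_weak_token(message: bytes, tag: bytes) -> Optional[bytes]:
    """Attacker, fully offline: from ONE intercepted (message, tag) pair,
    regenerate the token for every possible seed until the tag matches."""
    for seed in range(1 << SEED_BITS):
        candidate = weak_token(seed)
        if hmac.compare_digest(authenticate(candidate, message), tag):
            return candidate
    return None


def forge_against_weak(device_seed: int = 43210) -> bool:
    """Return True if the attacker's forged tag for FORGED_MSG verifies.

    device_seed is the device's secret; the attacker never sees it and only
    observes (CAPTURED_MSG, tag) on the wire.
    """
    token = weak_token(device_seed)
    captured_tag = authenticate(token, CAPTURED_MSG)   # what a sniffer sees
    recovered = recover_weak_token(CAPTURED_MSG, captured_tag)
    if recovered is None:
        return False
    forged_tag = authenticate(recovered, FORGED_MSG)   # attacker-chosen controller address
    return verify(token, FORGED_MSG, forged_tag)


def forge_against_strong(budget: int = 1 << SEED_BITS) -> bool:
    """Same attacker budget against a CSPRNG token: returns False.

    With no seed to enumerate, `budget` candidates cover 2**16 of 2**128
    possible tokens; the search is hopeless rather than merely slow.
    """
    token = strong_token()
    captured_tag = authenticate(token, CAPTURED_MSG)
    for seed in range(budget):
        guess = weak_token(seed)
        if hmac.compare_digest(authenticate(guess, CAPTURED_MSG), captured_tag):
            return verify(token, FORGED_MSG, authenticate(guess, FORGED_MSG))
    return False


if __name__ == "__main__":
    print("weak token:   forgery succeeds ->", forge_against_weak())
    print("CSPRNG token: forgery succeeds ->", forge_against_strong())
```

The point the model makes is that what bounds the attacker's offline work is the entropy behind the random value, not its length: the weak token is 128 bits long yet falls to 2**16 HMAC evaluations from a single captured exchange, while the `secrets`-based token gives the same attacker nothing to enumerate. When reviewing an adoption or pairing protocol, check where every nonce, token and salt is generated (`random`, `rand()`, time-based seeds are the usual culprits) rather than how long it is.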
Metrics
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Affected Software
| Vendor | Product | Affected versions |
|---|---|---|
| Tp-Link | Omada Controller | < 6.0.0.24 |
| Tp-Link | Omada Controller | < 6.0.0.100 |
| Tp-Link | Oc200 Firmware | < 1.37.9 |
| Tp-Link | Oc220 Firmware | < 1.1.3 |
| Tp-Link | Oc300 Firmware | < 1.31.9 |
| Tp-Link | Oc400 Firmware | < 1.9.9 |
| Tp-Link | Oc200 Firmware | < 2.22.9 |
| Tp-Link | Oc220 Firmware | All versions |
| Tp-Link | Er605 Firmware | < 2.3.2 |
| Tp-Link | Er7206 Firmware | < 2.2.2 |
| Tp-Link | Er7406 Firmware | < 1.2.2 |
| Tp-Link | Er707-M2 Firmware | < 1.3.1 |
| Tp-Link | Er7412-M2 Firmware | < 1.1.0 |
| Tp-Link | Er8411 Firmware | < 1.3.5 |
| Tp-Link | Er706w Firmware | < 1.2.1 |
| Tp-Link | Er706w-4g Firmware | < 1.2.1 |
| Tp-Link | Er706wp-4g Firmware | < 1.1.0 |
| Tp-Link | Er703wp-4g-Outdoor Firmware | < 1.1.0 |
| Tp-Link | Dr3220v-4g Firmware | < 1.1.0 |
| Tp-Link | Dr3650v-4g Firmware | < 1.1.0 |
| Tp-Link | Dr3650v Firmware | < 1.1.0 |
| Tp-Link | Er701-5g-Outdoor Firmware | < 1.0.0 |
| Tp-Link | Er605w Firmware | < 2.0.2 |
| Tp-Link | Er7212pc Firmware | < 2.2.1 |
| Tp-Link | Fr365 Firmware | < 1.1.10 |
| Tp-Link | G36w-4g Firmware | < 1.1.5 |
| Tp-Link | Eap655-Wall Firmware | < 1.6.2 |
| Tp-Link | Eap660 Hd Firmware | < 1.6.1 |
| Tp-Link | Eap620 Hd Firmware | < 1.6.1 |
| Tp-Link | Eap610-Outdoor Firmware | < 1.6.1 |
| Tp-Link | Eap610 Firmware | < 1.6.1 |
| Tp-Link | Eap623-Outdoor Hd Firmware | < 1.6.1 |
| Tp-Link | Eap625-Outdoor Hd Firmware | < 1.6.1 |
| Tp-Link | Eap772 Firmware | < 1.3.2 |
| Tp-Link | Eap772-Outdoor Firmware | < 1.3.2 |
| Tp-Link | Eap770 Firmware | < 1.3.2 |
| Tp-Link | Eap723 Firmware | < 1.3.2 |
| Tp-Link | Eap773 Firmware | < 1.1.2 |
| Tp-Link | Eap783 Firmware | < 1.1.2 |
| Tp-Link | Eap772 Firmware | < 1.1.2 |
| Tp-Link | Eap787 Firmware | < 1.1.2 |
| Tp-Link | Eap720 Firmware | < 1.1.2 |
| Tp-Link | Eap723 Firmware | < 1.1.2 |
| Tp-Link | Eap725-Wall Firmware | < 1.1.2 |
| Tp-Link | Eap215 Bridge Kit Firmware | < 1.1.4 |
| Tp-Link | Eap211 Bridge Kit Firmware | < 1.1.4 |
| Tp-Link | Beam Bridge 5 Ur Firmware | < 1.1.5 |
| Tp-Link | Eap603gp-Desktop Firmware | < 1.1.0 |
| Tp-Link | Eap615gp-Wall Firmware | < 1.1.0 |
| Tp-Link | Eap625gp-Wall Firmware | < 1.1.0 |
Showing 50 of 64 affected configurations; see NVD for the full list. Each row is one NVD configuration, so a product that appears more than once (Omada Controller, Oc200 Firmware, Eap772 Firmware, Eap723 Firmware) has separate version ranges, in NVD's TP-Link entries typically one per hardware revision; match both the model and its hardware version against the table before concluding a device is fixed.
Frequently Asked Questions
What is CVE-2025-9290?
An authentication weakness in the controller-device adoption of TP-Link Omada Controllers, Gateways and Access Points, caused by improper handling of random values. An attacker able to intercept adoption traffic can forge valid authentication through offline precomputation and expose sensitive information.
How severe is CVE-2025-9290?
Medium. The CVSS v3.1 vector gives a base score of 5.9 (high attack complexity, no privileges or user interaction required, confidentiality impact only); the CVSS v4.0 vector rates the attack as adjacent rather than network-reachable. EPSS estimates a 0.20% chance of exploitation in the next 30 days.
How do I fix CVE-2025-9290?
Update each affected controller, gateway and access point to a version at or above the threshold listed for it in the Affected Software table (checking the hardware revision where a model has more than one entry), and consult NVD for the 14 configurations not shown. Until devices are updated, the attack depends on intercepting adoption traffic, so adopt devices only over a trusted, isolated management network.
Source: NVD / NIST
