Critical Security Vulnerabilities Discovered in TP-Link Omada Gateway Products
Critical Security Vulnerabilities Discovered in TP-Link Omada Gateway Products
- Why Enterprise RAID Rebuilding Succeeds Where Consumer Arrays Fail?
- Linus Torvalds Rejects MMC Subsystem Updates for Linux 7.0: “Complete Garbage”
- The Man Who Maintained Sudo for 30 Years Now Struggles to Fund the Work That Powers Millions of Servers
- How Close Are Quantum Computers to Breaking RSA-2048?
- Why Windows 10 Users Are Flocking to Zorin OS 18 Instead of Linux Mint?
- How to Prevent Ransomware Infection Risks?
- What is the best alternative to Microsoft Office?
Critical Security Vulnerabilities Discovered in TP-Link Omada Gateway Products
October 28, 2024 – Multiple serious security vulnerabilities are discovered and affect 13 TP-Link Omada gateway products, which are enterprise-grade VPN routers.
TP-Link has released updated firmware to address these critical flaws.
Affected Products
The vulnerabilities impact the following TP-Link Omada gateway models running firmware versions prior to the specified builds:
- ER8411 – Prior to firmware 1.3.3 Build 20251013 Rel.44647
- ER7412-M2 – Prior to firmware 1.1.0 Build 20251015 Rel.63594
- ER707-M2 – Prior to firmware 1.3.1 Build 20251009 Rel.67687
- ER7206 – Prior to firmware 2.2.2 Build 20250724 Rel.11109
- ER605 – Prior to firmware 2.3.1 Build 20251015 Rel.78291
- ER706W – Prior to firmware 1.2.1 Build 20250821 Rel.80909
- ER706W-4G – Prior to firmware 1.2.1 Build 20250821 Rel.82492
- ER7212PC – Prior to firmware 2.1.3 Build 20251016 Rel.82571
- G36 – Prior to firmware 1.1.4 Build 20251015 Rel.84206
- G611 – Prior to firmware 1.2.2 Build 20251017 Rel.45512
- FR365 – Prior to firmware 1.1.10 Build 20250626 Rel.81746
- FR205 – Prior to firmware 1.0.3 Build 20251016 Rel.61376
- FR307-M2 – Prior to firmware 1.2.5 Build 20251015 Rel.76743
Vulnerability Details
Two critical OS command injection vulnerabilities have been identified:
CVE-2025-6541: OS Command Injection via Web Management Interface
This vulnerability allows attackers who have successfully logged into the web management interface to execute arbitrary OS commands on the affected devices. The severity ratings are:
- CVSS v4.0 Score: 8.6 (High)
- CVSS v3.1 Score: 7.2 (High)
CVE-2025-6542: OS Command Injection in Multiple Parameters
This more severe vulnerability enables attackers to execute arbitrary OS commands on the devices through multiple parameters. The severity ratings are:
- CVSS v4.0 Score: 9.3 (Critical)
- CVSS v3.1 Score: 9.8 (Critical)
Recommended Actions
TP-Link strongly recommends that all users of affected Omada gateway products immediately update to the latest firmware versions to mitigate these security risks. The updated firmware patches address both vulnerabilities and can be downloaded from TP-Link’s official support website.
Given the critical nature of these vulnerabilities, especially CVE-2025-6542 with its near-maximum severity score, organizations using these devices in their network infrastructure should prioritize this update to prevent potential security breaches and unauthorized system access.
For more information, users can refer to the official security advisories published by TP-Link.
