Vulnerability in Tp-link Systems Inc. Omada Access Point (Eap215 Bridge Kit 3.0, Eap211 3.0)
CVE-2025-9290
An authentication weakness was identified in Omada Controllers, Gateways and Access Points, controller-device adoption due to improper handling of random values. Exploitation requires advanced network positioning and allows an attacker to…
EPSS: 0.000 (10.8th percentile) — read the EPSS interpretation.
Affected products
- Tp-link Systems Inc. Omada Access Point (Eap215 Bridge Kit 3.0, Eap211 3.0) — versions 0
- Tp-link Systems Inc. Omada Access Point (Eap230-wall V1.0, Eap235-wall V1.0) — versions 0
- Tp-link Systems Inc. Omada Access Point (Eap603gp-desktop, Eap615gp-wall 1.0/1.20, Eap625gp-wall Eap610gp-desktop 1.0/1.20/1.26), Eap650-desktop V1.0) — versions 0
- Tp-link Systems Inc. Omada Access Point (Eap603-outdoor V1.0, Eap615-wall V1.0/v1.20) — versions 0
- Tp-link Systems Inc. Omada Access Point (Eap615-wall V1.0/v1.20) — versions 0
- Tp-link Systems Inc. Omada Access Point (Eap650gp-desktop 1.0) — versions 0
- Tp-link Systems Inc. Omada Access Point (Eap653 Ur V1.0) — versions 0
- Tp-link Systems Inc. Omada Access Point (Eap653 V1.0, Eap650-outdoor V1.0) — versions 0
- Tp-link Systems Inc. Omada Access Point (Eap655-wall V1.0) — versions 0
- Tp-link Systems Inc. Omada Access Point (Eap660 Hd V1.0/v2.0, Eap620 V2.0/v3.0/v3.20, Eap610/eap610-outdoor Eap623-outdoor V1.0, Eap625-outdoor V1.0)eap — versions 0
Weakness classification (CWE)
References
- support.omadanetworks.com/us/download/ (patch)
- support.omadanetworks.com/en/download/ (patch)
- support.omadanetworks.com/us/document/114950/ (vendor-advisory)