
TP-Link warns of critical command injection flaw in Omada gateways

TP-Link is warning of two command injection vulnerabilities in Omada gateway devices that could be exploited to execute arbitrary OS commands.

Omada gateways are marketed as full-stack solutions (router, firewall, VPN gateway) for small to medium businesses, and are steadily growing in popularity.

Although the two security issues lead to the same result when triggered, only one of them, identified as CVE-2025-6542 with a critical severity score of 9.3, can be exploited by a remote attacker without authentication.

The second flaw is tracked as CVE-2025-6541 and received a lower severity score of 8.6. However, it can be exploited only if the attacker can log into the web management interface.

“An arbitrary OS command may be executed on Omada gateways by the user who can log in to the web management interface or by a remote unauthenticated attacker,” reads TP-Link’s advisory.

“Attackers may execute arbitrary commands on the device’s underlying operating system,” the company adds.


The risk the two vulnerabilities pose is significant, as they can lead to full compromise, data theft, lateral movement, and persistence.

CVE-2025-6541 and CVE-2025-6542 impact 13 Omada gateway models in the firmware versions listed below:

| Affected Product Model | Affected Version | Fixed Version |
|---|---|---|
| ER8411 | < 1.3.3 Build 20251013 Rel.44647 | >= 1.3.3 Build 20251013 Rel.44647 |
| ER7412-M2 | < 1.1.0 Build 20251015 Rel.63594 | >= 1.1.0 Build 20251015 Rel.63594 |
| ER707-M2 | < 1.3.1 Build 20251009 Rel.67687 | >= 1.3.1 Build 20251009 Rel.67687 |
| ER7206 | < 2.2.2 Build 20250724 Rel.11109 | >= 2.2.2 Build 20250724 Rel.11109 |
| ER605 | < 2.3.1 Build 20251015 Rel.78291 | >= 2.3.1 Build 20251015 Rel.78291 |
| ER706W | < 1.2.1 Build 20250821 Rel.80909 | >= 1.2.1 Build 20250821 Rel.80909 |
| ER706W-4G | < 1.2.1 Build 20250821 Rel.82492 | >= 1.2.1 Build 20250821 Rel.82492 |
| ER7212PC | < 2.1.3 Build 20251016 Rel.82571 | >= 2.1.3 Build 20251016 Rel.82571 |
| G36 | < 1.1.4 Build 20251015 Rel.84206 | >= 1.1.4 Build 20251015 Rel.84206 |
| G611 | < 1.2.2 Build 20251017 Rel.45512 | >= 1.2.2 Build 20251017 Rel.45512 |
| FR365 | < 1.1.10 Build 20250626 Rel.81746 | >= 1.1.10 Build 20250626 Rel.81746 |
| FR205 | < 1.0.3 Build 20251016 Rel.61376 | >= 1.0.3 Build 20251016 Rel.61376 |
| FR307-M2 | < 1.2.5 Build 20251015 Rel.76743 | >= 1.2.5 Build 20251015 Rel.76743 |


The vendor has released firmware updates that address the two problems and strongly recommends that users with impacted devices apply the fixes and check the configurations after the upgrade to make sure that all settings remain as intended.

In a separate bulletin, TP-Link warned of two other severe flaws that could allow authenticated command injection and root access under certain conditions.

The first is CVE-2025-8750 (CVSS: 9.3), a command injection flaw that can be exploited by attackers holding admin passwords to access the Omada web portal.

The other one is CVE-2025-7851 (CVSS: 8.7), which could enable an attacker to obtain shell access with root privileges on the underlying OS, restricted to Omada’s privileges.

CVE-2025-7850 and CVE-2025-7851 impact all of the Omada gateway models listed in the table above. It’s worth noting that the latest firmware release addresses all four vulnerabilities.
