CVE-2025-7850
CRITICAL EPSS 80.0%
9.3 CVSS 4.0
Published Oct 21, 2025 8mo ago
Last Modified Jun 17, 2026 2w ago
Description
A command injection vulnerability may be exploited after the admin's authentication on the web portal on Omada gateways.
CVSS Details
Vector string
CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector Adjacent
Attack Complexity Low
Privileges Required High
User Interaction None
Scope X
Threat Intelligence
EPSS Exploit Probability
80.0% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available
Weaknesses 1
CWE-78 OS Command Injection
Affected Products 39
| Vendor | Product | Version | Range |
|---|---|---|---|
| tp-link | er8411_firmware | * | <1.3.3 |
| tp-link | er8411_firmware | 1.3.3 | any |
| tp-link | er8411 | * | any |
| tp-link | er7412-m2_firmware | * | <1.1.0 |
| tp-link | er7412-m2_firmware | 1.1.0 | any |
| tp-link | er7412-m2 | * | any |
| tp-link | er707-m2_firmware | * | <1.3.1 |
| tp-link | er707-m2_firmware | 1.3.1 | any |
| tp-link | er707-m2 | * | any |
| tp-link | er7206_firmware | * | <2.2.2 |
| tp-link | er7206_firmware | 2.2.2 | any |
| tp-link | er7206 | * | any |
| tp-link | er605_firmware | * | <2.3.1 |
| tp-link | er605_firmware | 2.3.1 | any |
| tp-link | er605 | * | any |
| tp-link | er706w_firmware | * | <1.2.1 |
| tp-link | er706w_firmware | 1.2.1 | any |
| tp-link | er706w | * | any |
| tp-link | er706w-4g_firmware | * | <1.2.1 |
| tp-link | er706w-4g_firmware | 1.2.1 | any |
| tp-link | er706w-4g | * | any |
| tp-link | er7212pc_firmware | * | <2.1.3 |
| tp-link | er7212pc_firmware | 2.1.3 | any |
| tp-link | er7212pc | * | any |
| tp-link | g36_firmware | * | <1.1.4 |
| tp-link | g36_firmware | 1.1.4 | any |
| tp-link | g36 | * | any |
| tp-link | g611_firmware | * | <1.2.2 |
| tp-link | g611_firmware | 1.2.2 | any |
| tp-link | g611 | * | any |
| tp-link | fr365_firmware | * | <1.1.10 |
| tp-link | fr365_firmware | 1.1.10 | any |
| tp-link | fr365 | * | any |
| tp-link | fr205_firmware | * | <1.0.3 |
| tp-link | fr205_firmware | 1.0.3 | any |
| tp-link | fr205 | * | any |
| tp-link | fr307-m2_firmware | * | <1.2.5 |
| tp-link | fr307-m2_firmware | 1.2.5 | any |
| tp-link | fr307-m2 | * | any |
References 5
- support.omadanetworks.com https://support.omadanetworks.com/en/document/108456/
- forescout.com https://www.forescout.com/blog/new-tp-link-router-vulnerabilities-a-primer-on-rooting-routers/
- omadanetworks.com https://www.omadanetworks.com/us/business-networking/all-omada-router/
- omadanetworks.com https://www.omadanetworks.com/us/business-networking/omada-pro-router-wired-router/
- tp-link.com https://www.tp-link.com/us/business-networking/soho-festa-gateway/
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.