← Volver a CVEs
CVE-2025-7851
CRITICAL9.8
Descripcion
An attacker may obtain the root shell on the underlying OS system with the restricted conditions on Omada gateways.
Detalles CVE
Puntuacion CVSS v3.19.8
SeveridadCRITICAL
Vector CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vector de ataqueNETWORK
ComplejidadLOW
Privilegios requeridosNONE
Interaccion usuarioNONE
Publicado10/21/2025
Ultima modificacion10/24/2025
Fuentenvd
Avistamientos honeypot0
Productos afectados
tp-link:er605tp-link:er605_firmwaretp-link:er706wtp-link:er706w-4gtp-link:er706w-4g_firmwaretp-link:er706w_firmwaretp-link:er707-m2tp-link:er707-m2_firmwaretp-link:er7206tp-link:er7206_firmwaretp-link:er7212pctp-link:er7212pc_firmwaretp-link:er7412-m2tp-link:er7412-m2_firmwaretp-link:er8411tp-link:er8411_firmwaretp-link:fr205tp-link:fr205_firmwaretp-link:fr307-m2tp-link:fr307-m2_firmwaretp-link:fr365tp-link:fr365_firmwaretp-link:g36tp-link:g36_firmwaretp-link:g611tp-link:g611_firmware
Debilidades (CWE)
CWE-269
Referencias
https://support.omadanetworks.com/en/document/108456/(f23511db-6c3e-4e32-a477-6aa17d310630)
https://www.forescout.com/blog/new-tp-link-router-vulnerabilities-a-primer-on-rooting-routers/(f23511db-6c3e-4e32-a477-6aa17d310630)
https://www.omadanetworks.com/us/business-networking/all-omada-router/(f23511db-6c3e-4e32-a477-6aa17d310630)
https://www.omadanetworks.com/us/business-networking/omada-pro-router-wired-router/(f23511db-6c3e-4e32-a477-6aa17d310630)
https://www.tp-link.com/us/business-networking/soho-festa-gateway/(f23511db-6c3e-4e32-a477-6aa17d310630)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.