CVE-2025-7850 - Vulnerability Details - OpenCVE

A command injection vulnerability may be exploited after the admin's authentication on the web portal on Omada gateways.

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required High

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact High

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact Low

Subsequent System Integrity Impact Low

Subsequent System Availability Impact High

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

No data.

No data.

No data.

No data.

References

Link	Providers
https://support.omadanetworks.com/en/document/108456/
https://www.omadanetworks.com/us/business-networking/all-omada-router/
https://www.omadanetworks.com/us/business-networking/omada-pro-router-wired-router/
https://www.tp-link.com/us/business-networking/soho-festa-gateway/

History

Tue, 21 Oct 2025 00:45:00 +0000

Type	Values Removed	Values Added
Description		A command injection vulnerability may be exploited after the admin's authentication on the web portal on Omada gateways.
Title		Authenticated OS command execution
Weaknesses		CWE-78
References		https://support.omadanetworks.com/en/document/108456/ https://www.omadanetworks.com/us/business-networking/all-omada-router/ https://www.omadanetworks.com/us/business-networking/omada-pro-router-wired-router/ https://www.tp-link.com/us/business-networking/soho-festa-gateway/
Metrics		cvssV4_0 `{'score': 9.3, 'vector': 'CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:H'}`

MITRE

Status: PUBLISHED

Assigner: TPLink

Published: 2025-10-21T00:28:11.589Z

Updated: 2025-10-21T00:28:11.589Z

Reserved: 2025-07-18T21:49:10.486Z

Link: CVE-2025-7850

Vulnrichment

No data.

NVD

Status : Received

Published: 2025-10-21T01:15:37.193

Modified: 2025-10-21T01:15:37.193

Link: CVE-2025-7850

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-7850", "assignerOrgId": "f23511db-6c3e-4e32-a477-6aa17d310630", "state": "PUBLISHED", "assignerShortName": "TPLink", "dateReserved": "2025-07-18T21:49:10.486Z", "datePublished": "2025-10-21T00:28:11.589Z", "dateUpdated": "2025-10-21T00:28:11.589Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unknown", "product": "Omada gateways", "vendor": "TP-Link Systems Inc.", "versions": [{"lessThan": "ER8411 1.3.3, ER7412-M2 1.1.0, ER707-M2 1.3.1, ER7206 2.2.2, ER605 2.3.1, ER706W 1.2.1, ER706W-4G 1.2.1, ER7212PC 2.1.3", "status": "affected", "version": "0", "versionType": "Firmware"}]}, {"defaultStatus": "unaffected", "product": "Festa gateways", "vendor": "TP-Link Systems Inc.", "versions": [{"lessThan": "FR365 1.1.10, FR205 1.0.3, FR307 1.2.5", "status": "affected", "version": "0", "versionType": "Firmware"}]}, {"defaultStatus": "unaffected", "product": "Omada Pro gateways", "vendor": "TP-Link Systems Inc.", "versions": [{"lessThan": "G36 1.1.4, G611 1.2.2", "status": "affected", "version": "0", "versionType": "Firmware"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<div>A command injection vulnerability may be exploited after the admin's authentication on the web portal on Omada gateways.<br></div>"}], "value": "A command injection vulnerability may be exploited after the admin's authentication on the web portal on Omada gateways."}], "impacts": [{"capecId": "CAPEC-88", "descriptions": [{"lang": "en", "value": "CAPEC-88 OS Command Injection"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "ADJACENT", "baseScore": 9.3, "baseSeverity": "CRITICAL", "privilegesRequired": "HIGH", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "HIGH", "subConfidentialityImpact": "LOW", "subIntegrityImpact": "LOW", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:H", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-78", "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "f23511db-6c3e-4e32-a477-6aa17d310630", "shortName": "TPLink", "dateUpdated": "2025-10-21T00:28:11.589Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://support.omadanetworks.com/en/document/108456/"}, {"tags": ["product"], "url": "https://www.omadanetworks.com/us/business-networking/all-omada-router/"}, {"tags": ["product"], "url": "https://www.omadanetworks.com/us/business-networking/omada-pro-router-wired-router/"}, {"tags": ["product"], "url": "https://www.tp-link.com/us/business-networking/soho-festa-gateway/"}], "source": {"discovery": "UNKNOWN"}, "title": "Authenticated OS command execution", "x_generator": {"engine": "Vulnogram 0.2.0"}}}}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A command injection vulnerability may be exploited after the admin's authentication on the web portal on Omada gateways."}], "id": "CVE-2025-7850", "lastModified": "2025-10-21T01:15:37.193", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "ADJACENT", "availabilityRequirement": "NOT_DEFINED", "baseScore": 9.3, "baseSeverity": "CRITICAL", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "HIGH", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "HIGH", "subConfidentialityImpact": "LOW", "subIntegrityImpact": "LOW", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "f23511db-6c3e-4e32-a477-6aa17d310630", "type": "Secondary"}]}, "published": "2025-10-21T01:15:37.193", "references": [{"source": "f23511db-6c3e-4e32-a477-6aa17d310630", "url": "https://support.omadanetworks.com/en/document/108456/"}, {"source": "f23511db-6c3e-4e32-a477-6aa17d310630", "url": "https://www.omadanetworks.com/us/business-networking/all-omada-router/"}, {"source": "f23511db-6c3e-4e32-a477-6aa17d310630", "url": "https://www.omadanetworks.com/us/business-networking/omada-pro-router-wired-router/"}, {"source": "f23511db-6c3e-4e32-a477-6aa17d310630", "url": "https://www.tp-link.com/us/business-networking/soho-festa-gateway/"}], "sourceIdentifier": "f23511db-6c3e-4e32-a477-6aa17d310630", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "f23511db-6c3e-4e32-a477-6aa17d310630", "type": "Secondary"}]}