Wednesday, June 3, 2026
Latest:
News

TP-Link patches four Omada gateway flaws, two critical, admins urged to update now

HackAcademy

TP-Link has released fixes for four vulnerabilities affecting Omada gateways, including two critical bugs that could allow arbitrary code execution. The networking vendor published an advisory this week and urged customers to update immediately, warning that one of the critical issues can be exploited without authentication.

According to TP-Link, three of the flaws are command injection bugs, and one is an improper privilege management issue that can grant a root shell on the underlying operating system.

The vulnerabilities

  • CVE-2025-6542, CVSS 9.3, critical. Command injection. No authentication required.

  • CVE-2025-7850, CVSS 9.3, critical. Command injection. Admin access to the web portal required.

  • CVE-2025-6541, CVSS 8.6, high. Command injection. Exploitable by users with access to the web management interface.

  • CVE-2025-7851, severity not listed. Improper privilege management. Can be used to obtain a root shell.

Affected models and fixed builds

Update to at least the following firmware builds. Versions below these are vulnerable.

  • ER8411 1.3.3 Build 20251013 Rel.44647

  • ER7412-M2 1.1.0 Build 20251015 Rel.63594

  • ER707-M2 1.3.1 Build 20251009 Rel.67687

  • ER7206 2.2.2 Build 20250724 Rel.11109

  • ER605 2.3.1 Build 20251015 Rel.78291

  • ER706W 1.2.1 Build 20250821 Rel.80909

  • ER706W-4G 1.2.1 Build 20250821 Rel.82492

  • ER7212PC 2.1.3 Build 20251016 Rel.82571

  • G36 1.1.4 Build 20251015 Rel.84206

  • G611 1.2.2 Build 20251017 Rel.45512

  • FR365 1.1.10 Build 20250626 Rel.81746

  • FR205 1.0.3 Build 20251016 Rel.61376

  • FR307-M2 1.2.5 Build 20251015 Rel.76743

TP-Link did not state whether the bugs are being exploited. Security teams note that threat actors often weaponize newly disclosed device flaws quickly, since many networks delay patching.

What admins should do

  1. Check model and firmware, then upgrade to the fixed build or later.

  2. If immediate patching is not possible, restrict management access to trusted IPs, disable remote administration, and place controllers behind a VPN.

  3. Monitor logs for unexpected admin logins, new users, or configuration changes.

  4. Rotate admin credentials and enable multi factor authentication where supported.

Edge gateways are high value targets. An unauthenticated command injection bug offers a direct path to network takeover. Apply the updates now, and tighten management plane exposure as a baseline.

Photo Credit: DepositPhotos.com

Leave a Reply

Your email address will not be published. Required fields are marked *