CVE-2025-7850

high-risk
Published 2025-10-21

A command injection vulnerability may be exploited after the admin's authentication on the web portal on Omada gateways.

Do I need to act?

~
1.0% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.2/10 High
NETWORK / LOW complexity

Affected Products (20)

Er8411 Firmware
Er8411 Firmware
Er7412-M2 Firmware
Er7412-M2 Firmware
Er707-M2 Firmware
Er707-M2 Firmware
Er7206 Firmware
Er7206 Firmware
Er605 Firmware
Er605 Firmware
Er706W Firmware
Er706W Firmware
Er706W-4G Firmware
Er706W-4G Firmware
Er7212Pc Firmware
Er7212Pc Firmware
G36 Firmware
G36 Firmware
G611 Firmware
G611 Firmware

Affected Vendors

Tp-Link

References (5)

Vendor Advisory https://support.omadanetworks.com/en/document/108456/
https://www.forescout.com/blog/new-tp-link-router-vulnerabilities-a-primer-on-ro...
Product https://www.omadanetworks.com/us/business-networking/all-omada-router/
Product https://www.omadanetworks.com/us/business-networking/omada-pro-router-wired-rout...
Product https://www.tp-link.com/us/business-networking/soho-festa-gateway/
50
/ 100
high-risk
Severity 26/34 · High
Exploitability 3/34 · Minimal
Exposure 21/34 · High