Unrated severityNVD Advisory· Published Jan 22, 2026· Updated Jan 23, 2026
Authentication Weakness on Omada Controllers, Gateways and Access Points
CVE-2025-9290
Description
An authentication weakness was identified in Omada Controllers, Gateways and Access Points, controller-device adoption due to improper handling of random values. Exploitation requires advanced network positioning and allows an attacker to intercept adoption traffic and forge valid authentication through offline precomputation, potentially exposing sensitive information and compromising confidentiality.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
6- Range: 0
- Range: 0
- TP-Link Systems Inc./Omada Access Point (EAP653 UR v1.0)v5Range: 0
Patches
Vulnerability mechanics
References
3- support.omadanetworks.com/en/download/mitrepatch
- support.omadanetworks.com/us/download/mitrepatch
- support.omadanetworks.com/us/document/114950/mitrevendor-advisory
News mentions
0No linked articles in our index yet.