VYPR
Vendor

Omada

Products
2
CVEs
4
Across products
4
Status
Private

Products

2

Recent CVEs

4
  • CVE-2026-1668CriMar 13, 2026
    risk 0.64cvss 9.8epss 0.01

    The web interface on multiple Omada switches does not adequately validate certain external inputs, which may lead to out-of-bound memory access when processing crafted requests. Under specific conditions, this flaw may result in unintended command execution.An…

  • CVE-2025-9521Jan 26, 2026
    risk 0.00cvss epss 0.00

    Password Confirmation Bypass vulnerability in Omada Controllers, allowing an attacker with a valid session token to bypass secondary verification, and change the user’s password without proper confirmation, leading to weakened account security.

  • CVE-2025-9290Jan 22, 2026
    risk 0.00cvss epss 0.00

    An authentication weakness was identified in Omada Controllers, Gateways and Access Points, controller-device adoption due to improper handling of random values. Exploitation requires advanced network positioning and allows an attacker to intercept adoption traffic and forge…

  • CVE-2025-9289Jan 22, 2026
    risk 0.00cvss epss 0.00

    A Cross-Site Scripting (XSS) vulnerability was identified in a parameter in Omada Controllers due to improper input sanitization. Exploitation requires advanced conditions, such as network positioning or emulating a trusted entity, and user interaction by an authenticated…