TP-Link is issuing an urgent warning regarding four critical security flaws that impact its popular Omada gateway devices across the ER, G, and FR series. Users are strongly advised to update their device firmware immediately, as the vulnerabilities could enable remote code execution (RCE).
Details of the Critical Flaws
Two of the vulnerabilities, both with a critical CVSS score of 9.3, are particularly severe:
- CVE-2025-6542: This flaw allows for the execution of an arbitrary OS command on Omada gateways. In the worst-case scenario, an unauthenticated remote attacker could exploit this issue simply by accessing the web management interface.
- CVE-2025-7850: This is a command injection vulnerability. An attacker could exploit this flaw after successfully authenticating as an administrator on the web portal, allowing them to execute unauthorized commands.
Two additional high-severity vulnerabilities were also fixed:
- CVE-2025-7851 (CVSS 8.7): A flaw that could allow an attacker to obtain a root shell on the underlying operating system under restricted conditions.
- CVE-2025-6541 (CVSS 8.6): Another arbitrary OS command execution vulnerability, exploitable by users who can log in to the web management interface.
Immediate Action Required
TP-Link has already released firmware updates to patch these issues. The company urges all users of affected Omada gateways to take the following steps immediately:
- Install the latest firmware updates available on the official TP-Link support site.
- Change all default or weak passwords on their devices.
- Restrict access to the device's management interface, ideally limiting it to trusted internal networks.

