420/68 Friday, October 24, 2025
Taiwanese networking equipment manufacturer TP-Link has released two security advisories this week regarding four critical vulnerabilities affecting more than ten models of its Omada Gateway devices across the ER, G, and FR series. The company has already issued firmware updates to address these flaws and strongly advises all users of affected products to apply the updates immediately to ensure system security.
Among the identified vulnerabilities, the most severe is CVE-2025-6542, with a CVSS score of 9.3. This flaw allows attackers to execute arbitrary OS commands on the gateway. Alarmingly, it can be exploited remotely without authentication. Another major issue is CVE-2025-7850 (CVSS 9.3), a Command Injection vulnerability that can be leveraged once an administrator logs into the web portal. Two additional vulnerabilities (CVE-2025-7851 and CVE-2025-6541) are also linked to root-level access and OS command execution.
TP-Link highlighted that several popular models are affected, including ER8411, ER707-M2, ER605, G36, and FR365, among others. The company recommends users take the following immediate actions:
- Install the latest firmware updates from the official TP-Link support website.
- Change default or weak passwords on all Omada devices.
- Restrict access to the device management interface, ensuring it is only reachable from trusted internal networks to prevent attackers from exploiting the vulnerabilities over the internet.
