- TP-Link fixed four Omada gateway flaws, including two critical ones that could allow code execution
- Three were command injection bugs; the fourth, an improper privilege management flaw, could give attackers a root shell
- Several models affected; one critical flaw requires no authentication to exploit
Network equipment maker TP-Link has fixed four vulnerabilities discovered in its Omada gateway products, including two of critical severity that could allow arbitrary code execution.
In a security advisory, TP-Link said three out of four flaws were command injection vulnerabilities. The fourth issue was an improper privilege management flaw.
The two critical flaws are command injection vulnerabilities tracked as CVE-2025-6542 and CVE-2025-7850, both with a severity score of 9.3/10. Exploiting the latter requires administrator access to the web portal, while the former requires no authentication.
Many models affected
The other two flaws are tracked as CVE-2025-6541 (score 8.6/10) and CVE-2025-7851. The first is exploitable by users with access to the web management interface, while the second is the improper privilege management flaw, which allows malicious actors to obtain a root shell on the underlying operating system.
Several product models and versions are affected. Here is the full list:
ER8411 < 1.3.3 Build 20251013 Rel.44647
ER7412-M2 < 1.1.0 Version 20251015 Rel.63594
ER707-M2 < 1.3.1 Build 20251009 Rel.67687
ER7206 < 2.2.2 Version 20250724 Rel.11109
ER605 < 2.3.1 Build 20251015 Rel.78291
ER706W < 1.2.1 Build 20250821 Rel.80909
ER706W-4G < 1.2.1 Build 20250821 Rel.82492
ER7212PC < 2.1.3 Build 20251016 Rel.82571
G36 < 1.1.4 Build 20251015 Rel.84206
G611 < 1.2.2 Build 20251017 Rel.45512
FR365 < 1.1.10 Build 20250626 Rel.81746
FR205 < 1.0.3 Build 20251016 Rel.61376
FR307-M2 < 1.2.5 Build 20251015 Rel.76743
TP-Link did not specify whether these flaws were exploited in the wild or not. However, cybercriminals often wait until companies post advisories before attacking, knowing that many organizations rarely apply patches on time.
Via Hacker news