← Back

Oc220 Firmware

oc220_firmware

Vendor: Tp Link • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2025-9290
1Tp Link
56Beam Bridge 5 Ur Firmware
Dr3220v 4g FirmwareDr3650v 4g Firmware+53 more
Mar 16, 2026
Jan 23, 2026
6.0 MEDIUM· v4
5.9 MEDIUM· v3
N/A· v2
An authentication weakness was identified in Omada Controllers, Gateways and Access Points, controller-device adoption due to improper handling of random values. Exploitation requires advanced network positioning and all...Show more
An authentication weakness was identified in Omada Controllers, Gateways and Access Points, controller-device adoption due to improper handling of random values. Exploitation requires advanced network positioning and allows an attacker to intercept adoption traffic and forge valid authentication through offline precomputation, potentially exposing sensitive information and compromising confidentiality.Show less
CVE-2025-9289
1Tp Link
5Oc200 Firmware
Oc220 FirmwareOc300 Firmware+2 more
Mar 16, 2026
Jan 22, 2026
5.7 MEDIUM· v4
4.7 MEDIUM· v3
N/A· v2
A Cross-Site Scripting (XSS) vulnerability was identified in a parameter in Omada Controllers due to improper input sanitization. Exploitation requires advanced conditions, such as network positioning or emulating a trus...Show more
A Cross-Site Scripting (XSS) vulnerability was identified in a parameter in Omada Controllers due to improper input sanitization. Exploitation requires advanced conditions, such as network positioning or emulating a trusted entity, and user interaction by an authenticated administrator. If successful, an attacker could execute arbitrary JavaScript in the administrator’s browser, potentially exposing sensitive information and compromising confidentiality.Show less