Several vulnerabilities have been found in the TP-Link Omada system, which is a popular software-defined networking solution for small to medium-sized businesses. The vulnerabilities could let attackers run code from a distance, causing serious security issues.
The affected devices are wireless access points, routers, switches, VPN devices, and hardware controllers for the Omada software.
By infosecbulletin
/ Sunday , June 30 2024
Indonesia's temporary National Data Center (PDN) was attacked by ransomware last Thursday, leading to delays in airport immigration services and...
Read More
By infosecbulletin
/ Saturday , June 29 2024
FortiGuard Labs found an attack that uses the CVE-2021-40444 vulnerability in Microsoft Office. This flaw lets attackers run harmful code...
Read More
By infosecbulletin
/ Saturday , June 29 2024
Starting November 1, 2024, Google will block websites that use certificates from Entrust. Google made this decision because Entrust has...
Read More
By infosecbulletin
/ Saturday , June 29 2024
CISA issued seven advisories about Industrial Control Systems (ICS) on June 27, 2024. These advisories aim to give prompt information...
Read More
By infosecbulletin
/ Friday , June 28 2024
Researchers said, threat actor exploiting vulnerabilities in Oracle WebLogic Server, notably CVE-2017-3506 and CVE-2023-21839 to deploy cryptocurrency miners via PowerShell...
Read More
By infosecbulletin
/ Friday , June 28 2024
In a statement On Wednesday, 26 June 2024, team viewer said, "our security team detected an irregularity in TeamViewer’s internal...
Read More
By infosecbulletin
/ Friday , June 28 2024
GitLab, a platform for DevOps tools, released critical updates for its Community Edition (CE) and Enterprise Edition (EE). The new...
Read More
By infosecbulletin
/ Thursday , June 27 2024
Several vulnerabilities have been found in the TP-Link Omada system, which is a popular software-defined networking solution for small to...
Read More
By infosecbulletin
/ Thursday , June 27 2024
Evolve Bank & Trust experienced a cybersecurity incident. The bank confirmed that cybercriminals obtained and shared customers' personal information on...
Read More
By infosecbulletin
/ Thursday , June 27 2024
According to digital risk management firm Athenian Technology, BSNL, India's state-owned telecom provider, suffered a significant data breach. A cybercriminal...
Read More
Vulnerability Details:
Identified Vulnerabilities
Twelve unique vulnerabilities were identified and reported to the vendor following our responsible disclosure policy.
Talos ID CVE(s)
TALOS-2023-1888 CVE-2023-49906–CVE-2023-49913
TALOS-2023-1864 CVE-2023-48724
TALOS-2023-1862 CVE-2023-49133–CVE-2023-49134
TALOS-2023-1861 CVE-2023-49074
TALOS-2023-1859 CVE-2023-47618
TALOS-2023-1858 CVE-2023-47617
TALOS-2023-1857 CVE-2023-46683
TALOS-2023-1856 CVE-2023-42664
TALOS-2023-1855 CVE-2023-47167
TALOS-2023-1854 CVE-2023-47209
TALOS-2023-1853 CVE-2023-36498
TALOS-2023-1850 CVE-2023-43482
Cisco Talos found twelve vulnerabilities in the TP-Link Omada system. The vendor was informed about these vulnerabilities following a responsible disclosure policy. The affected devices are:
EAP 115 and EAP 225 wireless access points
ER7206 gigabit VPN router
Omada software controller
To read out the full report click here.