CVE-2025-9289 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

A Cross-Site Scripting (XSS) vulnerability was identified in a parameter in Omada Controllers due to improper input sanitization. Exploitation requires advanced…
Medium CVSS: 5.7

CVE-2025-9289

A Cross-Site Scripting (XSS) vulnerability was identified in a parameter in Omada Controllers due to improper input sanitization. Exploitation requires advanced conditions, such as network positioning or emulating a trusted entity, and user interaction by an authenticated administrator. If successful, an attacker could execute arbitrary JavaScript in the administrator’s browser, potentially exposing sensitive information and compromising confidentiality.
Vendor
Tp-link
Product
Omada Controller
CWE
CWE-79
Yayın Tarihi
2026-01-22 22:16:15
Güncelleme
2026-03-16 18:06:44
Source Identifier
f23511db-6c3e-4e32-a477-6aa17d310630
KEV Date Added
-

Kategoriler

CWE-79 Omada Controller MEDIUM Tp-link 2026

Referanslar

https://support.omadanetworks.com/us/document/114950/ https://support.omadanetworks.com/us/download/