Security Advisory

CVE-2025-9521

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-01-26 19:35:26

Last updated 2026-02-03 19:02:21

Assigner TPLink

State PUBLISHED

Description

Password Confirmation Bypass vulnerability in Omada Controllers, allowing an attacker with a valid session token to bypass secondary verification, and change the user’s password without proper confirmation, leading to weakened account security.

← Browse all CVEs View on cve.org ↗