An arbitrary OS command may be executed on the product by a remote unauthenticated attacker.
CVSS Score
9.8
EPSS Score
0.002
Published
2025-10-21
A command injection vulnerability may be exploited after the admin's authentication on the web portal on Omada gateways.
CVSS Score
7.2
EPSS Score
0.011
Published
2025-10-21
An attacker may obtain the root shell on the underlying OS system with the restricted conditions on Omada gateways.
CVSS Score
9.8
EPSS Score
0.0
Published
2025-10-21
An arbitrary OS command may be executed on the product by the user who can log in to the web management interface.
CVSS Score
8.8
EPSS Score
0.0
Published
2025-10-21