CVE-2025-9289

A Cross-Site Scripting (XSS) vulnerability was identified in a parameter in Omada Controllers due to improper input sanitization. Exploitation requires advanced conditions, such as network positioning or emulating a trusted entity, and user interaction by an authenticated administrator. If successful, an attacker could execute arbitrary JavaScript in the administrator’s browser, potentially exposing sensitive information and compromising confidentiality.

CVSS v3 4.7 MEDIUM

4.7^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.6 / Impact : 2.7

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

References

Link	Resource
https://support.omadanetworks.com/us/document/114950/	Vendor Advisory
https://support.omadanetworks.com/us/download/	Product

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:tp-link:omada_controller:::::-:::*
	cpe:2.3:a:tp-link:omada_controller:::::cloud:::*

Configuration 2 (hide)

AND

cpe:2.3:o:tp-link:oc200_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:oc200:1:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:tp-link:oc220_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:oc220:1:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:tp-link:oc300_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:oc300:1.6:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:tp-link:oc400_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:oc400:1.6:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:tp-link:oc200_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:oc200:2:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:a:tp-link:omada_controller:*:*:*:*:-:*:*:*

OR	cpe:2.3:h:tp-link:oc200:1:::::::*
	cpe:2.3:h:tp-link:oc200:2:::::::*
	cpe:2.3:h:tp-link:oc220:1:::::::*
	cpe:2.3:h:tp-link:oc300:1.6:::::::*
	cpe:2.3:h:tp-link:oc400:1.6:::::::*

History

No history.

Information

Published : 2026-01-22 22:16

Updated : 2026-03-16 18:06

NVD link : CVE-2025-9289

Mitre link : CVE-2025-9289

CVE.ORG link : CVE-2025-9289

JSON object : View

Products Affected

tp-link

oc220
oc200_firmware
oc300_firmware
oc400_firmware
oc300
omada_controller
oc200
oc220_firmware
oc400

CWE

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

{"id": "CVE-2025-9289", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 4.7, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 1.6}], "cvssMetricV40": [{"type": "Secondary", "source": "f23511db-6c3e-4e32-a477-6aa17d310630", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 5.7, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:A/VC:H/VI:N/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "ACTIVE", "attackComplexity": "HIGH", "attackRequirements": "PRESENT", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "LOW", "vulnConfidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2026-01-22T22:16:15.787", "references": [{"url": "https://support.omadanetworks.com/us/document/114950/", "tags": ["Vendor Advisory"], "source": "f23511db-6c3e-4e32-a477-6aa17d310630"}, {"url": "https://support.omadanetworks.com/us/download/", "tags": ["Product"], "source": "f23511db-6c3e-4e32-a477-6aa17d310630"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "f23511db-6c3e-4e32-a477-6aa17d310630", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "A Cross-Site Scripting (XSS) vulnerability was identified in a parameter in Omada Controllers due to improper input sanitization. Exploitation requires advanced conditions, such as network positioning or emulating a trusted entity, and user interaction by an authenticated administrator. If successful, an attacker could execute arbitrary JavaScript in the administrator\u2019s browser, potentially exposing sensitive information and compromising confidentiality."}, {"lang": "es", "value": "Una vulnerabilidad de cross-site scripting (XSS) fue identificada en un par\u00e1metro en los Controladores Omada debido a una sanitizaci\u00f3n de entrada inadecuada. La explotaci\u00f3n requiere condiciones avanzadas, como el posicionamiento en la red o la emulaci\u00f3n de una entidad de confianza, y la interacci\u00f3n del usuario por parte de un administrador autenticado. Si tiene \u00e9xito, un atacante podr\u00eda ejecutar JavaScript arbitrario en el navegador del administrador, exponiendo potencialmente informaci\u00f3n sensible y comprometiendo la confidencialidad."}], "lastModified": "2026-03-16T18:06:44.293", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:tp-link:omada_controller:*:*:*:*:-:*:*:*", "vulnerable": true, "matchCriteriaId": "3B623F6F-B033-44B4-9F50-97CE3C0F84E1", "versionEndExcluding": "6.0.0.24"}, {"criteria": "cpe:2.3:a:tp-link:omada_controller:*:*:*:*:cloud:*:*:*", "vulnerable": true, "matchCriteriaId": "DB01AAAF-90A1-4DA2-8810-D5A02D11ABCC", "versionEndExcluding": "6.0.0.100"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:tp-link:oc200_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "036DEE09-EB29-4F38-A472-181FE88A1EAC", "versionEndExcluding": "1.37.9"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:tp-link:oc200:1:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D994D0D1-FE36-4CB9-A641-CAAC8D643783"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:tp-link:oc220_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1836F980-6E1F-4305-973E-AB34BD046CFD", "versionEndExcluding": "1.2.9"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:tp-link:oc220:1:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "077DD2BF-32E3-434E-B040-9B4C48F419CA"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:tp-link:oc300_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1188840C-7B7B-4D07-A4D4-DED7D02E2971", "versionEndExcluding": "1.31.9"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:tp-link:oc300:1.6:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8E90417C-17A3-4D55-9764-4EF93D19B610"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:tp-link:oc400_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5B04AEC9-E614-4C99-98B5-568D845C3153", "versionEndExcluding": "1.9.9"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:tp-link:oc400:1.6:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "15655343-B8B7-4C17-8F9B-E90823407861"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:tp-link:oc200_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4F791A1D-CF64-44C9-B17C-FF8632E3B6BF", "versionEndExcluding": "2.22.9"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:tp-link:oc200:2:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "86D6AE05-E5BE-41A6-B3ED-16C5B15BF2A2"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:tp-link:omada_controller:*:*:*:*:-:*:*:*", "vulnerable": true, "matchCriteriaId": "64544C00-6B20-4320-850B-B83F99D72BC6", "versionEndExcluding": "6.0.0.34"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:tp-link:oc200:1:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D994D0D1-FE36-4CB9-A641-CAAC8D643783"}, {"criteria": "cpe:2.3:h:tp-link:oc200:2:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "86D6AE05-E5BE-41A6-B3ED-16C5B15BF2A2"}, {"criteria": "cpe:2.3:h:tp-link:oc220:1:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "077DD2BF-32E3-434E-B040-9B4C48F419CA"}, {"criteria": "cpe:2.3:h:tp-link:oc300:1.6:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8E90417C-17A3-4D55-9764-4EF93D19B610"}, {"criteria": "cpe:2.3:h:tp-link:oc400:1.6:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "15655343-B8B7-4C17-8F9B-E90823407861"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "f23511db-6c3e-4e32-a477-6aa17d310630"}