Веб-интерфейс на нескольких коммутаторах Omada не проверяет должным образом определенные внешние входные данные, что может привести к выходу за пределы доступа к памяти при обработке созданных запросов. При определенных условиях эта уязвимость может привести к непреднамеренному выполнению команды.<br>Неаутентифицированный злоумышленник, имеющий сетевой доступ к затронутому интерфейсу, может вызвать повреждение памяти, нестабильность службы или раскрытие информации. Успешная эксплуатация может привести к удаленному выполнению кода или отказу в обслуживании.
Показать оригинальное описание (EN)
The web interface on multiple Omada switches does not adequately validate certain external inputs, which may lead to out-of-bound memory access when processing crafted requests. Under specific conditions, this flaw may result in unintended command execution.<br>An unauthenticated attacker with network access to the affected interface may cause memory corruption, service instability, or information disclosure. Successful exploitation may allow remote code execution or denial-of-service.
Характеристики атаки
Способ атаки
Смежная сеть
Нужен доступ к локальной сети
Сложность
Высокая
Сложно эксплуатировать
Условия для атаки
Не требуются
Нет дополнительных условий
Нужны права
Не требуются
Права не нужны
Участие пользователя
Не требуется
Не нужно действие пользователя
Последствия
Конфиденциальность
Высокое
Полная утечка данных
Целостность
Высокое
Полная модификация данных
Доступность
Высокое
Полный отказ в обслуживании
Строка CVSS v4.0
Тип уязвимости (CWE)
Уязвимые продукты 100
| Конфигурация | От (включительно) | До (исключительно) |
|---|---|---|
|
Tp-Link Omada_Sg2005p-Pd_Firmware
cpe:2.3:o:tp-link:omada_sg2005p-pd_firmware:*:*:*:*:*:*:*:*
|
1.0.0
|
1.0.19
|
|
Tp-Link Omada_Sg2005p-Pd
cpe:2.3:h:tp-link:omada_sg2005p-pd:-:*:*:*:*:*:*:*
|
— | — |
|
Tp-Link Omada_Sg2008_Firmware
cpe:2.3:o:tp-link:omada_sg2008_firmware:*:*:*:*:*:*:*:*
|
4.20.0
|
4.20.17
|
|
Tp-Link Omada_Sg2008_Firmware
cpe:2.3:o:tp-link:omada_sg2008_firmware:*:*:*:*:*:*:*:*
|
4.30.0
|
4.30.1
|
|
Tp-Link Omada_Sg2008
cpe:2.3:h:tp-link:omada_sg2008:-:*:*:*:*:*:*:*
|
— | — |
|
Tp-Link Omada_Sg2008p_Firmware
cpe:2.3:o:tp-link:omada_sg2008p_firmware:*:*:*:*:*:*:*:*
|
3.20.0
|
3.20.17
|
|
Tp-Link Omada_Sg2008p_Firmware
cpe:2.3:o:tp-link:omada_sg2008p_firmware:*:*:*:*:*:*:*:*
|
3.30.0
|
3.30.1
|
|
Tp-Link Omada_Sg2008p
cpe:2.3:h:tp-link:omada_sg2008p:-:*:*:*:*:*:*:*
|
— | — |
|
Tp-Link Omada_Sg2016p_Firmware
cpe:2.3:o:tp-link:omada_sg2016p_firmware:*:*:*:*:*:*:*:*
|
1.20.0
|
1.20.17
|
|
Tp-Link Omada_Sg2016p_Firmware
cpe:2.3:o:tp-link:omada_sg2016p_firmware:*:*:*:*:*:*:*:*
|
1.30.0
|
1.30.1
|
|
Tp-Link Omada_Sg2016p
cpe:2.3:h:tp-link:omada_sg2016p:-:*:*:*:*:*:*:*
|
— | — |
|
Tp-Link Omada_Sg2210mp_Firmware
cpe:2.3:o:tp-link:omada_sg2210mp_firmware:*:*:*:*:*:*:*:*
|
4.20.0
|
4.20.18
|
|
Tp-Link Omada_Sg2210mp_Firmware
cpe:2.3:o:tp-link:omada_sg2210mp_firmware:*:*:*:*:*:*:*:*
|
5.0.0
|
5.0.15
|
|
Tp-Link Omada_Sg2210mp_Firmware
cpe:2.3:o:tp-link:omada_sg2210mp_firmware:*:*:*:*:*:*:*:*
|
5.20.0
|
5.20.1
|
|
Tp-Link Omada_Sg2210mp
cpe:2.3:h:tp-link:omada_sg2210mp:-:*:*:*:*:*:*:*
|
— | — |
|
Tp-Link Omada_Sg2210p_Firmware
cpe:2.3:o:tp-link:omada_sg2210p_firmware:*:*:*:*:*:*:*:*
|
5.20.0
|
5.20.18
|
|
Tp-Link Omada_Sg2210p_Firmware
cpe:2.3:o:tp-link:omada_sg2210p_firmware:*:*:*:*:*:*:*:*
|
5.30.0
|
5.30.1
|
|
Tp-Link Omada_Sg2210p
cpe:2.3:h:tp-link:omada_sg2210p:-:*:*:*:*:*:*:*
|
— | — |
|
Tp-Link Omada_Sg2210xmp-M2_Firmware
cpe:2.3:o:tp-link:omada_sg2210xmp-m2_firmware:*:*:*:*:*:*:*:*
|
1.0.0
|
1.0.19
|
|
Tp-Link Omada_Sg2210xmp-M2
cpe:2.3:h:tp-link:omada_sg2210xmp-m2:-:*:*:*:*:*:*:*
|
— | — |
|
Tp-Link Omada_Sg2218_Firmware
cpe:2.3:o:tp-link:omada_sg2218_firmware:*:*:*:*:*:*:*:*
|
1.20.0
|
1.20.17
|
|
Tp-Link Omada_Sg2218_Firmware
cpe:2.3:o:tp-link:omada_sg2218_firmware:*:*:*:*:*:*:*:*
|
1.30.0
|
1.30.1
|
|
Tp-Link Omada_Sg2218
cpe:2.3:h:tp-link:omada_sg2218:-:*:*:*:*:*:*:*
|
— | — |
|
Tp-Link Omada_Sg2218p_Firmware
cpe:2.3:o:tp-link:omada_sg2218p_firmware:*:*:*:*:*:*:*:*
|
1.20.0
|
1.20.17
|
|
Tp-Link Omada_Sg2218p_Firmware
cpe:2.3:o:tp-link:omada_sg2218p_firmware:*:*:*:*:*:*:*:*
|
2.0.0
|
2.0.14
|
|
Tp-Link Omada_Sg2218p_Firmware
cpe:2.3:o:tp-link:omada_sg2218p_firmware:*:*:*:*:*:*:*:*
|
2.20.0
|
2.20.2
|
|
Tp-Link Omada_Sg2218p
cpe:2.3:h:tp-link:omada_sg2218p:-:*:*:*:*:*:*:*
|
— | — |
|
Tp-Link Omada_Sg2428lp_Firmware
cpe:2.3:o:tp-link:omada_sg2428lp_firmware:*:*:*:*:*:*:*:*
|
1.0.0
|
1.0.13
|
|
Tp-Link Omada_Sg2428lp
cpe:2.3:h:tp-link:omada_sg2428lp:-:*:*:*:*:*:*:*
|
— | — |
|
Tp-Link Omada_Sg2428p_Firmware
cpe:2.3:o:tp-link:omada_sg2428p_firmware:*:*:*:*:*:*:*:*
|
5.20.0
|
5.20.20
|
|
Tp-Link Omada_Sg2428p_Firmware
cpe:2.3:o:tp-link:omada_sg2428p_firmware:*:*:*:*:*:*:*:*
|
5.30.0
|
5.30.16
|
|
Tp-Link Omada_Sg2428p
cpe:2.3:h:tp-link:omada_sg2428p:-:*:*:*:*:*:*:*
|
— | — |
|
Tp-Link Omada_Sg2452lp_Firmware
cpe:2.3:o:tp-link:omada_sg2452lp_firmware:*:*:*:*:*:*:*:*
|
1.0.0
|
1.0.13
|
|
Tp-Link Omada_Sg2452lp
cpe:2.3:h:tp-link:omada_sg2452lp:-:*:*:*:*:*:*:*
|
— | — |
|
Tp-Link Omada_Sg3210_Firmware
cpe:2.3:o:tp-link:omada_sg3210_firmware:*:*:*:*:*:*:*:*
|
3.20.0
|
3.20.17
|
|
Tp-Link Omada_Sg3210_Firmware
cpe:2.3:o:tp-link:omada_sg3210_firmware:*:*:*:*:*:*:*:*
|
3.30.0
|
3.30.1
|
|
Tp-Link Omada_Sg3210
cpe:2.3:h:tp-link:omada_sg3210:-:*:*:*:*:*:*:*
|
— | — |
|
Tp-Link Omada_Sg3210xhp-M2_Firmware
cpe:2.3:o:tp-link:omada_sg3210xhp-m2_firmware:*:*:*:*:*:*:*:*
|
3.0.0
|
3.0.21
|
|
Tp-Link Omada_Sg3210xhp-M2
cpe:2.3:h:tp-link:omada_sg3210xhp-m2:-:*:*:*:*:*:*:*
|
— | — |
|
Tp-Link Omada_Sg3210x-M2_Firmware
cpe:2.3:o:tp-link:omada_sg3210x-m2_firmware:*:*:*:*:*:*:*:*
|
1.20.0
|
1.20.1
|
|
Tp-Link Omada_Sg3210x-M2
cpe:2.3:h:tp-link:omada_sg3210x-m2:-:*:*:*:*:*:*:*
|
— | — |
|
Tp-Link Omada_Sg3218xp-M2_Firmware
cpe:2.3:o:tp-link:omada_sg3218xp-m2_firmware:*:*:*:*:*:*:*:*
|
1.0.0
|
1.0.19
|
|
Tp-Link Omada_Sg3218xp-M2
cpe:2.3:h:tp-link:omada_sg3218xp-m2:-:*:*:*:*:*:*:*
|
— | — |
|
Tp-Link Omada_Sg3428_Firmware
cpe:2.3:o:tp-link:omada_sg3428_firmware:*:*:*:*:*:*:*:*
|
2.30.0
|
2.30.16
|
|
Tp-Link Omada_Sg3428_Firmware
cpe:2.3:o:tp-link:omada_sg3428_firmware:*:*:*:*:*:*:*:*
|
2.40.0
|
2.40.1
|
|
Tp-Link Omada_Sg3428
cpe:2.3:h:tp-link:omada_sg3428:-:*:*:*:*:*:*:*
|
— | — |
|
Tp-Link Omada_Sg3428mp_Firmware
cpe:2.3:o:tp-link:omada_sg3428mp_firmware:*:*:*:*:*:*:*:*
|
6.20.0
|
6.20.20
|
|
Tp-Link Omada_Sg3428mp_Firmware
cpe:2.3:o:tp-link:omada_sg3428mp_firmware:*:*:*:*:*:*:*:*
|
6.30.0
|
6.30.1
|
|
Tp-Link Omada_Sg3428mp
cpe:2.3:h:tp-link:omada_sg3428mp:-:*:*:*:*:*:*:*
|
— | — |
|
Tp-Link Omada_Sg3428x_Firmware
cpe:2.3:o:tp-link:omada_sg3428x_firmware:*:*:*:*:*:*:*:*
|
1.30.0
|
1.30.17
|
|
Tp-Link Omada_Sg3428x_Firmware
cpe:2.3:o:tp-link:omada_sg3428x_firmware:*:*:*:*:*:*:*:*
|
1.40.0
|
1.40.1
|
|
Tp-Link Omada_Sg3428x
cpe:2.3:h:tp-link:omada_sg3428x:-:*:*:*:*:*:*:*
|
— | — |
|
Tp-Link Omada_Sg3428xf_Firmware
cpe:2.3:o:tp-link:omada_sg3428xf_firmware:*:*:*:*:*:*:*:*
|
1.20.0
|
1.20.16
|
|
Tp-Link Omada_Sg3428xf_Firmware
cpe:2.3:o:tp-link:omada_sg3428xf_firmware:*:*:*:*:*:*:*:*
|
1.30.0
|
1.30.1
|
|
Tp-Link Omada_Sg3428xf
cpe:2.3:h:tp-link:omada_sg3428xf:-:*:*:*:*:*:*:*
|
— | — |
|
Tp-Link Omada_Sg3428x-M2_Firmware
cpe:2.3:o:tp-link:omada_sg3428x-m2_firmware:*:*:*:*:*:*:*:*
|
1.20.0
|
1.20.18
|
|
Tp-Link Omada_Sg3428x-M2
cpe:2.3:h:tp-link:omada_sg3428x-m2:-:*:*:*:*:*:*:*
|
— | — |
|
Tp-Link Omada_Sg3428xmp_Firmware
cpe:2.3:o:tp-link:omada_sg3428xmp_firmware:*:*:*:*:*:*:*:*
|
3.20.0
|
3.20.21
|
|
Tp-Link Omada_Sg3428xmp_Firmware
cpe:2.3:o:tp-link:omada_sg3428xmp_firmware:*:*:*:*:*:*:*:*
|
3.30.0
|
3.30.1
|
|
Tp-Link Omada_Sg3428xmp
cpe:2.3:h:tp-link:omada_sg3428xmp:-:*:*:*:*:*:*:*
|
— | — |
|
Tp-Link Omada_Sg3428xmpp_Firmware
cpe:2.3:o:tp-link:omada_sg3428xmpp_firmware:*:*:*:*:*:*:*:*
|
1.0.0
|
1.0.16
|
|
Tp-Link Omada_Sg3428xmpp_Firmware
cpe:2.3:o:tp-link:omada_sg3428xmpp_firmware:*:*:*:*:*:*:*:*
|
1.20.0
|
1.20.1
|
|
Tp-Link Omada_Sg3428xmpp
cpe:2.3:h:tp-link:omada_sg3428xmpp:-:*:*:*:*:*:*:*
|
— | — |
|
Tp-Link Omada_Sg3428xpp-M2_Firmware
cpe:2.3:o:tp-link:omada_sg3428xpp-m2_firmware:*:*:*:*:*:*:*:*
|
1.20.0
|
1.20.19
|
|
Tp-Link Omada_Sg3428xpp-M2
cpe:2.3:h:tp-link:omada_sg3428xpp-m2:-:*:*:*:*:*:*:*
|
— | — |
|
Tp-Link Omada_Sg3452_Firmware
cpe:2.3:o:tp-link:omada_sg3452_firmware:*:*:*:*:*:*:*:*
|
1.20.0
|
1.20.17
|
|
Tp-Link Omada_Sg3452_Firmware
cpe:2.3:o:tp-link:omada_sg3452_firmware:*:*:*:*:*:*:*:*
|
1.30.0
|
1.30.1
|
|
Tp-Link Omada_Sg3452
cpe:2.3:h:tp-link:omada_sg3452:-:*:*:*:*:*:*:*
|
— | — |
|
Tp-Link Omada_Sg3452p_Firmware
cpe:2.3:o:tp-link:omada_sg3452p_firmware:*:*:*:*:*:*:*:*
|
3.30.0
|
3.30.17
|
|
Tp-Link Omada_Sg3452p_Firmware
cpe:2.3:o:tp-link:omada_sg3452p_firmware:*:*:*:*:*:*:*:*
|
3.40.0
|
3.40.1
|
|
Tp-Link Omada_Sg3452p
cpe:2.3:h:tp-link:omada_sg3452p:-:*:*:*:*:*:*:*
|
— | — |
|
Tp-Link Omada_Sg3452x_Firmware
cpe:2.3:o:tp-link:omada_sg3452x_firmware:*:*:*:*:*:*:*:*
|
1.20.0
|
1.20.18
|
|
Tp-Link Omada_Sg3452x_Firmware
cpe:2.3:o:tp-link:omada_sg3452x_firmware:*:*:*:*:*:*:*:*
|
1.30.0
|
1.30.1
|
|
Tp-Link Omada_Sg3452x
cpe:2.3:h:tp-link:omada_sg3452x:-:*:*:*:*:*:*:*
|
— | — |
|
Tp-Link Omada_Sg3452xmpp_Firmware
cpe:2.3:o:tp-link:omada_sg3452xmpp_firmware:*:*:*:*:*:*:*:*
|
1.0.0
|
1.0.15
|
|
Tp-Link Omada_Sg3452xmpp
cpe:2.3:h:tp-link:omada_sg3452xmpp:-:*:*:*:*:*:*:*
|
— | — |
|
Tp-Link Omada_Sg3452xp_Firmware
cpe:2.3:o:tp-link:omada_sg3452xp_firmware:*:*:*:*:*:*:*:*
|
2.20.0
|
2.20.20
|
|
Tp-Link Omada_Sg3452xp_Firmware
cpe:2.3:o:tp-link:omada_sg3452xp_firmware:*:*:*:*:*:*:*:*
|
2.30.0
|
2.30.1
|
|
Tp-Link Omada_Sg3452xp
cpe:2.3:h:tp-link:omada_sg3452xp:-:*:*:*:*:*:*:*
|
— | — |
|
Tp-Link Omada_Sl2428p_Firmware
cpe:2.3:o:tp-link:omada_sl2428p_firmware:*:*:*:*:*:*:*:*
|
6.20.0
|
6.20.18
|
|
Tp-Link Omada_Sl2428p
cpe:2.3:h:tp-link:omada_sl2428p:-:*:*:*:*:*:*:*
|
— | — |
|
Tp-Link Omada_Sx3008f_Firmware
cpe:2.3:o:tp-link:omada_sx3008f_firmware:*:*:*:*:*:*:*:*
|
1.20.0
|
1.20.12
|
|
Tp-Link Omada_Sx3008f
cpe:2.3:h:tp-link:omada_sx3008f:-:*:*:*:*:*:*:*
|
— | — |
|
Tp-Link Omada_Sx3016f_Firmware
cpe:2.3:o:tp-link:omada_sx3016f_firmware:*:*:*:*:*:*:*:*
|
1.20.0
|
1.20.16
|
|
Tp-Link Omada_Sx3016f_Firmware
cpe:2.3:o:tp-link:omada_sx3016f_firmware:*:*:*:*:*:*:*:*
|
1.30.0
|
1.30.1
|
|
Tp-Link Omada_Sx3016f
cpe:2.3:h:tp-link:omada_sx3016f:-:*:*:*:*:*:*:*
|
— | — |
|
Tp-Link Omada_Sx3032f_Firmware
cpe:2.3:o:tp-link:omada_sx3032f_firmware:*:*:*:*:*:*:*:*
|
1.0.0
|
1.0.15
|
|
Tp-Link Omada_Sx3032f
cpe:2.3:h:tp-link:omada_sx3032f:-:*:*:*:*:*:*:*
|
— | — |
|
Tp-Link Omada_Sx3206hpp_Firmware
cpe:2.3:o:tp-link:omada_sx3206hpp_firmware:*:*:*:*:*:*:*:*
|
1.20.0
|
1.20.12
|
|
Tp-Link Omada_Sx3206hpp
cpe:2.3:h:tp-link:omada_sx3206hpp:-:*:*:*:*:*:*:*
|
— | — |
|
Tp-Link Omada_Sx3832_Firmware
cpe:2.3:o:tp-link:omada_sx3832_firmware:*:*:*:*:*:*:*:*
|
1.0.0
|
1.0.12
|
|
Tp-Link Omada_Sx3832
cpe:2.3:h:tp-link:omada_sx3832:-:*:*:*:*:*:*:*
|
— | — |
|
Tp-Link Omada_Sx3832mpp_Firmware
cpe:2.3:o:tp-link:omada_sx3832mpp_firmware:*:*:*:*:*:*:*:*
|
1.0.0
|
1.0.11
|
|
Tp-Link Omada_Sx3832mpp
cpe:2.3:h:tp-link:omada_sx3832mpp:-:*:*:*:*:*:*:*
|
— | — |
|
Tp-Link Omada_Tl-Sg2428p_Firmware
cpe:2.3:o:tp-link:omada_tl-sg2428p_firmware:*:*:*:*:*:*:*:*
|
4.0.0
|
4.0.26
|
|
Tp-Link Omada_Tl-Sg2428p
cpe:2.3:h:tp-link:omada_tl-sg2428p:-:*:*:*:*:*:*:*
|
— | — |
|
Tp-Link Omada_Tl-Sg3428mp_Firmware
cpe:2.3:o:tp-link:omada_tl-sg3428mp_firmware:*:*:*:*:*:*:*:*
|
5.0.0
|
5.0.25
|
|
Tp-Link Omada_Tl-Sg3428mp
cpe:2.3:h:tp-link:omada_tl-sg3428mp:-:*:*:*:*:*:*:*
|
— | — |
|
Tp-Link Omada_Tl-Sg3452p_Firmware
cpe:2.3:o:tp-link:omada_tl-sg3452p_firmware:*:*:*:*:*:*:*:*
|
3.0.0
|
3.0.22
|
|
Tp-Link Omada_Tl-Sg3452p
cpe:2.3:h:tp-link:omada_tl-sg3452p:-:*:*:*:*:*:*:*
|
— | — |
Ссылки 4
https://support.omadanetworks.com/au/download/firmware/
f23511db-6c3e-4e32-a477-6aa17d310630
https://support.omadanetworks.com/en/download/firmware/
f23511db-6c3e-4e32-a477-6aa17d310630
https://support.omadanetworks.com/us/document/118794/
f23511db-6c3e-4e32-a477-6aa17d310630
https://support.omadanetworks.com/us/product/
f23511db-6c3e-4e32-a477-6aa17d310630