CVE-2025-6541
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-10-21

Last updated on: 2025-10-24

Assigner: TPLink

Description
An arbitrary OS command may be executed on the product by the user who can log in to the web management interface.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-10-21
Last Modified
2025-10-24
Generated
2026-06-16
AI Q&A
2025-10-21
EPSS Evaluated
2026-06-15
NVD
CVE-2025-6541
Affected Vendors & Products
Showing 39 associated CPEs
Vendor Product Version / Range
tp-link er706w_firmware to 1.2.1 (exc)
tp-link er706w_firmware 1.2.1
tp-link er706w *
tp-link er706w-4g_firmware to 1.2.1 (exc)
tp-link er706w-4g_firmware 1.2.1
tp-link er706w-4g *
tp-link er7212pc_firmware to 2.1.3 (exc)
tp-link er7212pc_firmware 2.1.3
tp-link er7212pc *
tp-link g36_firmware to 1.1.4 (exc)
tp-link g36_firmware 1.1.4
tp-link g36 *
tp-link g611_firmware to 1.2.2 (exc)
tp-link g611_firmware 1.2.2
tp-link g611 *
tp-link fr365_firmware to 1.1.10 (exc)
tp-link fr365_firmware 1.1.10
tp-link fr365 *
tp-link fr205_firmware to 1.0.3 (exc)
tp-link fr205_firmware 1.0.3
tp-link fr205 *
tp-link fr307-m2_firmware to 1.2.5 (exc)
tp-link fr307-m2_firmware 1.2.5
tp-link fr307-m2 *
tp-link er8411_firmware to 1.3.3 (exc)
tp-link er8411_firmware 1.3.3
tp-link er8411 *
tp-link er7412-m2_firmware to 1.1.0 (exc)
tp-link er7412-m2_firmware 1.1.0
tp-link er7412-m2 *
tp-link er707-m2_firmware to 1.3.1 (exc)
tp-link er707-m2_firmware 1.3.1
tp-link er707-m2 *
tp-link er7206_firmware to 2.2.2 (exc)
tp-link er7206_firmware 2.2.2
tp-link er7206 *
tp-link er605_firmware to 2.3.1 (exc)
tp-link er605_firmware 2.3.1
tp-link er605 *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-78 The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2025-6541 is an OS command injection vulnerability in Omada gateways that allows a user logged into the web management interface to execute arbitrary operating system commands on the device. This means an attacker with access to the interface can run any OS-level commands, potentially compromising the device. [1]

Impact Analysis

This vulnerability can have significant security impacts including compromising the confidentiality, integrity, and availability of the affected device. An attacker could execute arbitrary commands on the device's operating system, potentially leading to unauthorized access, data breaches, disruption of services, or complete device takeover. [1]

Mitigation Strategies

The immediate step to mitigate this vulnerability is to update the affected Omada gateway devices to the latest fixed firmware versions equal to or later than the specified builds for each model. After upgrading, verify the device configurations to ensure settings remain secure and as intended. Failure to update leaves devices vulnerable to exploitation. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-6541. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart