CVE-2025-9290 - CERT CVE
ID CVE-2025-9290
Sažetak An authentication weakness was identified in Omada Controllers, Gateways and Access Points, controller-device adoption due to improper handling of random values. Exploitation requires advanced network positioning and allows an attacker to intercept adoption traffic and forge valid authentication through offline precomputation, potentially exposing sensitive information and compromising confidentiality.
Reference
CVSS
Base: 5.9
Impact: 3.6
Exploitability:2.2
Pristup
VektorSloženostAutentikacija
NETWORK HIGH NONE
Impact
PovjerljivostCjelovitostDostupnost
HIGH NONE NONE
CVSS vektor CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Zadnje važnije ažuriranje 16-03-2026 - 18:07
Objavljeno 23-01-2026 - 00:15