FKIE_CVE-2026-1668
Vulnerability from fkie_nvd - Published: 2026-03-13 19:53 - Updated: 2026-04-02 15:03
Severity ?
Summary
The web interface on multiple Omada switches does not adequately validate certain external inputs, which may lead to out-of-bound memory access when processing crafted requests. Under specific conditions, this flaw may result in unintended command execution.<br>An unauthenticated attacker with network access to the affected interface may cause memory corruption, service instability, or information disclosure. Successful exploitation may allow remote code execution or denial-of-service.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:omada_sg2005p-pd_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9F442622-A627-45A3-A268-52258945E3FD",
"versionEndExcluding": "1.0.19",
"versionStartIncluding": "1.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:omada_sg2005p-pd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E30DC41-D802-4A16-8192-161BF889AFCD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:omada_sg2008_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "78C14AB4-7326-4367-AEFC-8F741CB2CB1C",
"versionEndExcluding": "4.20.17",
"versionStartIncluding": "4.20.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:omada_sg2008_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A7E0322E-ED92-4B48-9FE9-3C30F39F9710",
"versionEndExcluding": "4.30.1",
"versionStartIncluding": "4.30.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:omada_sg2008:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D360F8F-92C4-4ED9-95D0-8C1F6F2FEC8D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:omada_sg2008p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EC9EFE7A-FF39-4B2E-82C1-04121C2C9D24",
"versionEndExcluding": "3.20.17",
"versionStartIncluding": "3.20.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:omada_sg2008p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "19BB14BE-02C6-47AD-8DCB-848263B5A812",
"versionEndExcluding": "3.30.1",
"versionStartIncluding": "3.30.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:omada_sg2008p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B45EE288-81F0-4FD5-970B-6663F54DBC35",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:omada_sg2016p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F8D1A0A-0718-4CAF-826C-7977702C0875",
"versionEndExcluding": "1.20.17",
"versionStartIncluding": "1.20.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:omada_sg2016p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F75416B-E723-475D-8C29-0A04F547A6D3",
"versionEndExcluding": "1.30.1",
"versionStartIncluding": "1.30.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:omada_sg2016p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4290A113-B61D-4936-9D55-C1B49180DE82",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:omada_sg2210mp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "250A2C0E-7323-41E6-87DC-DA23AAF90F6E",
"versionEndExcluding": "4.20.18",
"versionStartIncluding": "4.20.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:omada_sg2210mp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5495C962-135D-427C-91AD-CC773F487198",
"versionEndExcluding": "5.0.15",
"versionStartIncluding": "5.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:omada_sg2210mp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8D024801-A31E-4480-828F-416655512E83",
"versionEndExcluding": "5.20.1",
"versionStartIncluding": "5.20.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:omada_sg2210mp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "926000F4-0B81-4E0F-8232-860C2A2745D9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:omada_sg2210p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0F700E3-E24D-4126-AD8B-F2D8EC2CD0DB",
"versionEndExcluding": "5.20.18",
"versionStartIncluding": "5.20.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:omada_sg2210p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "091AB8B5-E644-4A7E-B422-61E278D08EBE",
"versionEndExcluding": "5.30.1",
"versionStartIncluding": "5.30.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:omada_sg2210p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D371E850-1A98-41A5-9A95-CBDE21A76ACE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:omada_sg2210xmp-m2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E57BD2FD-8266-481E-9C06-724C5614F797",
"versionEndExcluding": "1.0.19",
"versionStartIncluding": "1.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:omada_sg2210xmp-m2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4E197C0-81C4-4AA8-9E12-D4DB5A2928EC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:omada_sg2218_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "632C07BD-3245-49E2-82C7-C95199E83FBF",
"versionEndExcluding": "1.20.17",
"versionStartIncluding": "1.20.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:omada_sg2218_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "34921179-1C3C-4474-9A8C-76C772369E06",
"versionEndExcluding": "1.30.1",
"versionStartIncluding": "1.30.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:omada_sg2218:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D5D8075-5078-4A6F-8123-D321807DC786",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:omada_sg2218p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "46AB5247-1522-441B-B2E8-1E71974D2773",
"versionEndExcluding": "1.20.17",
"versionStartIncluding": "1.20.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:omada_sg2218p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CAE05EAC-54C7-4EC0-91D5-E8A669DBFC88",
"versionEndExcluding": "2.0.14",
"versionStartIncluding": "2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:omada_sg2218p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "87A33B95-0948-43AB-8B1F-2E01D1C47659",
"versionEndExcluding": "2.20.2",
"versionStartIncluding": "2.20.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:omada_sg2218p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "378EAC66-B76A-4ECA-88CB-3F14985D8A68",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:omada_sg2428lp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7FC2BE28-2831-4E9D-96B2-5F76D251B915",
"versionEndExcluding": "1.0.13",
"versionStartIncluding": "1.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:omada_sg2428lp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1E3DDFC-E3D0-47EE-83EE-EC5B4CE4B489",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:omada_sg2428p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D84F985C-7E47-4195-A110-696949E71770",
"versionEndExcluding": "5.20.20",
"versionStartIncluding": "5.20.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:omada_sg2428p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24A0D662-A963-4434-92F2-004FFB3EE682",
"versionEndExcluding": "5.30.16",
"versionStartIncluding": "5.30.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:omada_sg2428p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51E52787-AE06-40E8-B753-3D2289FBE7C2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:omada_sg2452lp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B5DAF94C-3889-41EA-8793-F20552AB64FC",
"versionEndExcluding": "1.0.13",
"versionStartIncluding": "1.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:omada_sg2452lp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E463EE2C-9B8B-4AB8-B8E3-D586F4BEB8EC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:omada_sg3210_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "86D1E164-A64A-4217-8A69-15FA28958159",
"versionEndExcluding": "3.20.17",
"versionStartIncluding": "3.20.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:omada_sg3210_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AC10BE36-49C9-42ED-A9F7-32C0E319A1C7",
"versionEndExcluding": "3.30.1",
"versionStartIncluding": "3.30.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:omada_sg3210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71DE9E85-0C50-4047-8CE7-EC54FB3A8F1E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:omada_sg3210xhp-m2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A1DB50B9-5DBB-46D9-AC53-4F3A814F8EDC",
"versionEndExcluding": "3.0.21",
"versionStartIncluding": "3.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:omada_sg3210xhp-m2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5CDEA62A-71EE-4A25-AECE-19F4D0BE1E1F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:omada_sg3210x-m2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "921AFD1B-F9D0-486C-A4B5-E1B053F6667C",
"versionEndExcluding": "1.20.1",
"versionStartIncluding": "1.20.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:omada_sg3210x-m2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9562D570-5365-47F4-9A29-6D4079C6E1EF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:omada_sg3218xp-m2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FE5F410D-06A3-4E7B-A1CD-2330EBF8BEE1",
"versionEndExcluding": "1.0.19",
"versionStartIncluding": "1.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:omada_sg3218xp-m2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "54B2B69D-6F92-4CA8-BAD5-B56E63169F5D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:omada_sg3428_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "061F253D-D425-4ABD-852C-74B444749D23",
"versionEndExcluding": "2.30.16",
"versionStartIncluding": "2.30.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:omada_sg3428_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E187948C-9AF3-41FC-88CF-560F667BED5E",
"versionEndExcluding": "2.40.1",
"versionStartIncluding": "2.40.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:omada_sg3428:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD1C5645-5789-414A-980F-C943E0B2AD59",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:omada_sg3428mp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "86664BB3-FB10-43B1-8F19-0BAE2E394F22",
"versionEndExcluding": "6.20.20",
"versionStartIncluding": "6.20.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:omada_sg3428mp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "70747A4A-18EB-434B-9A54-3E3C52A363AC",
"versionEndExcluding": "6.30.1",
"versionStartIncluding": "6.30.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:omada_sg3428mp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B1579D0-F385-4909-871D-20309C36C549",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:omada_sg3428x_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5821EF1C-E18F-42F5-8414-CDF9C0426275",
"versionEndExcluding": "1.30.17",
"versionStartIncluding": "1.30.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:omada_sg3428x_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "93170151-DE56-4418-821E-EE410462AA93",
"versionEndExcluding": "1.40.1",
"versionStartIncluding": "1.40.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:omada_sg3428x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00DFF5AB-3FD9-4E55-8C38-217D1828FEA9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:omada_sg3428xf_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E7ADAA5-8212-4DA0-BD36-CC580E7AE8F9",
"versionEndExcluding": "1.20.16",
"versionStartIncluding": "1.20.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:omada_sg3428xf_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BEBCE3C6-5845-47FB-9083-8184FCFEABDE",
"versionEndExcluding": "1.30.1",
"versionStartIncluding": "1.30.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:omada_sg3428xf:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11906635-9EFA-4B5F-BDAC-C1A7E26BF000",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:omada_sg3428x-m2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EB7D6F58-521B-46E1-B4B3-4D3061F220CA",
"versionEndExcluding": "1.20.18",
"versionStartIncluding": "1.20.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:omada_sg3428x-m2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "502642DB-FF8E-4F7F-B565-83B3C2A991B4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:omada_sg3428xmp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4746C846-0749-4F65-B9C4-55736215623B",
"versionEndExcluding": "3.20.21",
"versionStartIncluding": "3.20.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:omada_sg3428xmp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F19CA3D9-CEA5-4766-8956-61DA87281D06",
"versionEndExcluding": "3.30.1",
"versionStartIncluding": "3.30.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:omada_sg3428xmp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B2A4332-30CA-485B-A70D-8EFD9C54EC58",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:omada_sg3428xmpp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B4B2A11B-58BB-477A-88BA-960411B615D8",
"versionEndExcluding": "1.0.16",
"versionStartIncluding": "1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:omada_sg3428xmpp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "67D7112F-4EC9-4544-A60B-80933896C9E7",
"versionEndExcluding": "1.20.1",
"versionStartIncluding": "1.20.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:omada_sg3428xmpp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3678FDA8-8965-48FA-9D3B-6FDF1DB4B18F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:omada_sg3428xpp-m2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1646A141-C063-4B17-A960-05EE85A41C4B",
"versionEndExcluding": "1.20.19",
"versionStartIncluding": "1.20.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:omada_sg3428xpp-m2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62CE4DBE-BA37-4ECA-A8B0-4CABEEC4470F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:omada_sg3452_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "40E75594-8230-4ECA-A0DB-A2E4DD2E24E5",
"versionEndExcluding": "1.20.17",
"versionStartIncluding": "1.20.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:omada_sg3452_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3CCE1D70-D3E2-4777-B72A-4F9F33740D94",
"versionEndExcluding": "1.30.1",
"versionStartIncluding": "1.30.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:omada_sg3452:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7050BD01-596D-42B1-AAA9-470CFF33F64A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:omada_sg3452p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1297948B-786C-4A87-AD96-9B7B5110A693",
"versionEndExcluding": "3.30.17",
"versionStartIncluding": "3.30.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:omada_sg3452p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "36F354A4-73B7-4E73-9900-AB659E719A71",
"versionEndExcluding": "3.40.1",
"versionStartIncluding": "3.40.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:omada_sg3452p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B808CBF-10B8-4E0A-86E6-3936C39B98D7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:omada_sg3452x_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E7139693-6A51-4A00-A4FB-9D70E015B220",
"versionEndExcluding": "1.20.18",
"versionStartIncluding": "1.20.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:omada_sg3452x_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BCA5EC76-22F8-4543-AD58-707E97CCE19B",
"versionEndExcluding": "1.30.1",
"versionStartIncluding": "1.30.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:omada_sg3452x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55C3A44F-0D3A-408E-AD90-CDA8001DEBC6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:omada_sg3452xmpp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EFC1C04B-C449-4E80-BBCD-86EA39A2219E",
"versionEndExcluding": "1.0.15",
"versionStartIncluding": "1.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:omada_sg3452xmpp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B826EA38-D173-4331-A406-39DD4AB99AC2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:omada_sg3452xp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9AEFEF1-8513-4653-95C0-732B0C09B258",
"versionEndExcluding": "2.20.20",
"versionStartIncluding": "2.20.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:omada_sg3452xp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6BCA7E5F-198B-434A-86E5-D498B55EB105",
"versionEndExcluding": "2.30.1",
"versionStartIncluding": "2.30.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:omada_sg3452xp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1863A24C-9CB3-42FB-8144-C63224D5B399",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:omada_sl2428p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BF3463F2-C828-4663-8BF1-3480582B2174",
"versionEndExcluding": "6.20.18",
"versionStartIncluding": "6.20.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:omada_sl2428p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA3A7E58-B90E-4623-A0C2-C0826F6B9B58",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:omada_sx3008f_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9F2480D2-A33E-437F-8880-6A3EC05DA274",
"versionEndExcluding": "1.20.12",
"versionStartIncluding": "1.20.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:omada_sx3008f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D73C0E40-698E-433A-9125-801770D1164A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:omada_sx3016f_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7CFD7778-C51F-47C4-93CA-C1B9CB9F66C0",
"versionEndExcluding": "1.20.16",
"versionStartIncluding": "1.20.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:tp-link:omada_sx3016f_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "70111915-F659-4287-B940-9A822C5CAD9C",
"versionEndExcluding": "1.30.1",
"versionStartIncluding": "1.30.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:omada_sx3016f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D814737F-44E5-4352-A37A-1C54EB8E41D7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:omada_sx3032f_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "14C35B6E-BC52-4048-A048-DEDFE7036EF4",
"versionEndExcluding": "1.0.15",
"versionStartIncluding": "1.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:omada_sx3032f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "79CB0C2F-EF20-4685-A11B-EF0E59AE0AF2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:omada_sx3206hpp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "644FA08E-2B0E-494A-9EE1-EB5AACB45DB3",
"versionEndExcluding": "1.20.12",
"versionStartIncluding": "1.20.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:omada_sx3206hpp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D4B1462-A413-4834-9B93-D068AE96564E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:omada_sx3832_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E11AE377-EC29-4207-A497-4FA5DCCE23E4",
"versionEndExcluding": "1.0.12",
"versionStartIncluding": "1.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:omada_sx3832:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41240976-9B4B-449B-A464-31AF774B29C9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:omada_sx3832mpp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6BF5012F-EA43-4A3C-96F4-573B469E7D0B",
"versionEndExcluding": "1.0.11",
"versionStartIncluding": "1.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:omada_sx3832mpp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A51079F-EEA0-4E29-AD44-D802F696180B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:omada_tl-sg2428p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "532BB83D-FC0A-419A-B0BC-D0FA9D339B52",
"versionEndExcluding": "4.0.26",
"versionStartIncluding": "4.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:omada_tl-sg2428p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "54F0CFE5-2BB0-43DD-937A-334180200850",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:omada_tl-sg3428mp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B7309CE7-FB5B-4FA4-B587-7330F60515C1",
"versionEndExcluding": "5.0.25",
"versionStartIncluding": "5.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:omada_tl-sg3428mp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0E6DA7C-A923-48B0-B5F1-ABDA47C04E58",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:omada_tl-sg3452p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3D53B71A-6528-47EE-8A21-B644EBB8AE50",
"versionEndExcluding": "3.0.22",
"versionStartIncluding": "3.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:omada_tl-sg3452p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43DB8AA3-4E53-4384-A62C-A822D2B46C1C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The web interface on multiple Omada switches does not adequately validate certain external inputs, which may lead to out-of-bound memory access when processing crafted requests. Under specific conditions, this flaw may result in unintended command execution.\u003cbr\u003eAn unauthenticated attacker with network access to the affected interface may cause memory corruption, service instability, or information disclosure. Successful exploitation may allow remote code execution or denial-of-service."
},
{
"lang": "es",
"value": "La interfaz web en m\u00faltiples switches Omada no valida adecuadamente ciertas entradas externas, lo que puede llevar a acceso a memoria fuera de l\u00edmites al procesar solicitudes manipuladas. Bajo condiciones espec\u00edficas, esta vulnerabilidad puede resultar en ejecuci\u00f3n de comandos no intencionada. Un atacante no autenticado con acceso de red a la interfaz afectada puede causar corrupci\u00f3n de memoria, inestabilidad del servicio o revelaci\u00f3n de informaci\u00f3n. La explotaci\u00f3n exitosa puede permitir ejecuci\u00f3n remota de c\u00f3digo o denegaci\u00f3n de servicio."
}
],
"id": "CVE-2026-1668",
"lastModified": "2026-04-02T15:03:02.430",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "f23511db-6c3e-4e32-a477-6aa17d310630",
"type": "Secondary"
}
]
},
"published": "2026-03-13T19:53:58.160",
"references": [
{
"source": "f23511db-6c3e-4e32-a477-6aa17d310630",
"tags": [
"Product"
],
"url": "https://support.omadanetworks.com/au/download/firmware/"
},
{
"source": "f23511db-6c3e-4e32-a477-6aa17d310630",
"tags": [
"Product"
],
"url": "https://support.omadanetworks.com/en/download/firmware/"
},
{
"source": "f23511db-6c3e-4e32-a477-6aa17d310630",
"tags": [
"Vendor Advisory"
],
"url": "https://support.omadanetworks.com/us/document/118794/"
},
{
"source": "f23511db-6c3e-4e32-a477-6aa17d310630",
"tags": [
"Product"
],
"url": "https://support.omadanetworks.com/us/product/"
}
],
"sourceIdentifier": "f23511db-6c3e-4e32-a477-6aa17d310630",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "f23511db-6c3e-4e32-a477-6aa17d310630",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…