CVE 8.7 HIGH

Unauthorized root access via debug functionality_CVE-2025-7851

October 21, 2025 invoker category_cve

8.7 / 10

HIGH

CVSS:4.0/AV:A/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:H

Description

An attacker may obtain the root shell on the underlying OS system with the restricted conditions on Omada gateways.

AI Analysis

Unauthorized root access via debug functionality on Omada gateways

Basic Information

ID CVE-2025-7851

Source TPLink

Published Oct 21, 2025 at 00:29

Affected Product

Vendor TP-Link Systems Inc.

Product Omada gateways

Affected Versions TP-Link Systems Inc. Omada gateways 0
TP-Link Systems Inc. Festa gateways 0
TP-Link Systems Inc. Omada Pro gateways 0

AI Assessment

AI Score 8.7 / 10

AI Severity High

Vendor TP-Link

Product Omada gateways

References

{
    "lastseen": "",
    "description": "An attacker may obtain the root shell on the underlying OS system with the restricted conditions on Omada gateways.",
    "published": "2025-10-21T00:29:05.809Z",
    "modified": "2025-10-21T00:29:05.809Z",
    "type": "cve",
    "title": "Unauthorized root access via debug functionality",
    "source": "TPLink",
    "references": "https://support.omadanetworks.com/en/document/108456/\nhttps://www.omadanetworks.com/us/business-networking/all-omada-router/\nhttps://www.omadanetworks.com/us/business-networking/omada-pro-router-wired-router/\nhttps://www.tp-link.com/us/business-networking/soho-festa-gateway/",
    "id": "CVE-2025-7851",
    "bulletinFamily": "",
    "cwe": null,
    "cvelist": null,
    "sourceData": "TP-Link Systems Inc. Omada gateways 0\nTP-Link Systems Inc. Festa gateways 0\nTP-Link Systems Inc. Omada Pro gateways 0",
    "sourceHref": "",
    "cvss": {
        "score": 8.7,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:A/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:H",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Omada gateways",
    "version": "0",
    "vendor": "TP-Link Systems Inc.",
    "ai_description": "Unauthorized root access via debug functionality on Omada gateways",
    "ai_severity": "High",
    "ai_vendor": "TP-Link",
    "ai_product": "Omada gateways",
    "ai_version": "0",
    "ai_score": 8.7
}

💭 Join the Security Discussion ❌ Cancel Reply