CVE-2025-9520
IDOR Leading to Owner Account Hijacking in Omada Controller
An IDOR vulnerability exists in Omada Controllers that allows an attacker with Administrator permissions to manipulate requests and potentially hijack the Owner account.
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:L/SI:H/SA:L
Affected products
TP-Link Systems Inc. · Omada ControllerWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →