CVE-2026-1668

EUVD-2026-12049
The web interface on multiple Omada switches does not adequately validate certain external inputs, which may lead to out-of-bound memory access when processing crafted requests.  Under specific conditions, this flaw may result in unintended command execution.<br>An unauthenticated attacker with network access to the affected interface may cause memory corruption, service instability, or information disclosure.  Successful exploitation may allow remote code execution or denial-of-service.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
tp-linkomada_sg2005p-pd_firmware
1.0.0 ≤
𝑥
< 1.0.19
tp-linkomada_sg2008_firmware
4.20.0 ≤
𝑥
< 4.20.17
tp-linkomada_sg2008_firmware
4.30.0 ≤
𝑥
< 4.30.1
tp-linkomada_sg2008p_firmware
3.20.0 ≤
𝑥
< 3.20.17
tp-linkomada_sg2008p_firmware
3.30.0 ≤
𝑥
< 3.30.1
tp-linkomada_sg2016p_firmware
1.20.0 ≤
𝑥
< 1.20.17
tp-linkomada_sg2016p_firmware
1.30.0 ≤
𝑥
< 1.30.1
tp-linkomada_sg2210mp_firmware
4.20.0 ≤
𝑥
< 4.20.18
tp-linkomada_sg2210mp_firmware
5.0.0 ≤
𝑥
< 5.0.15
tp-linkomada_sg2210mp_firmware
5.20.0 ≤
𝑥
< 5.20.1
tp-linkomada_sg2210p_firmware
5.20.0 ≤
𝑥
< 5.20.18
tp-linkomada_sg2210p_firmware
5.30.0 ≤
𝑥
< 5.30.1
tp-linkomada_sg2210xmp-m2_firmware
1.0.0 ≤
𝑥
< 1.0.19
tp-linkomada_sg2218_firmware
1.20.0 ≤
𝑥
< 1.20.17
tp-linkomada_sg2218_firmware
1.30.0 ≤
𝑥
< 1.30.1
tp-linkomada_sg2218p_firmware
1.20.0 ≤
𝑥
< 1.20.17
tp-linkomada_sg2218p_firmware
2.0.0 ≤
𝑥
< 2.0.14
tp-linkomada_sg2218p_firmware
2.20.0 ≤
𝑥
< 2.20.2
tp-linkomada_sg2428lp_firmware
1.0.0 ≤
𝑥
< 1.0.13
tp-linkomada_sg2428p_firmware
5.20.0 ≤
𝑥
< 5.20.20
tp-linkomada_sg2428p_firmware
5.30.0 ≤
𝑥
< 5.30.16
tp-linkomada_sg2452lp_firmware
1.0.0 ≤
𝑥
< 1.0.13
tp-linkomada_sg3210_firmware
3.20.0 ≤
𝑥
< 3.20.17
tp-linkomada_sg3210_firmware
3.30.0 ≤
𝑥
< 3.30.1
tp-linkomada_sg3210xhp-m2_firmware
3.0.0 ≤
𝑥
< 3.0.21
tp-linkomada_sg3210x-m2_firmware
1.20.0 ≤
𝑥
< 1.20.1
tp-linkomada_sg3218xp-m2_firmware
1.0.0 ≤
𝑥
< 1.0.19
tp-linkomada_sg3428_firmware
2.30.0 ≤
𝑥
< 2.30.16
tp-linkomada_sg3428_firmware
2.40.0 ≤
𝑥
< 2.40.1
tp-linkomada_sg3428mp_firmware
6.20.0 ≤
𝑥
< 6.20.20
tp-linkomada_sg3428mp_firmware
6.30.0 ≤
𝑥
< 6.30.1
tp-linkomada_sg3428x_firmware
1.30.0 ≤
𝑥
< 1.30.17
tp-linkomada_sg3428x_firmware
1.40.0 ≤
𝑥
< 1.40.1
tp-linkomada_sg3428xf_firmware
1.20.0 ≤
𝑥
< 1.20.16
tp-linkomada_sg3428xf_firmware
1.30.0 ≤
𝑥
< 1.30.1
tp-linkomada_sg3428x-m2_firmware
1.20.0 ≤
𝑥
< 1.20.18
tp-linkomada_sg3428xmp_firmware
3.20.0 ≤
𝑥
< 3.20.21
tp-linkomada_sg3428xmp_firmware
3.30.0 ≤
𝑥
< 3.30.1
tp-linkomada_sg3428xmpp_firmware
1.0.0 ≤
𝑥
< 1.0.16
tp-linkomada_sg3428xmpp_firmware
1.20.0 ≤
𝑥
< 1.20.1
tp-linkomada_sg3428xpp-m2_firmware
1.20.0 ≤
𝑥
< 1.20.19
tp-linkomada_sg3452_firmware
1.20.0 ≤
𝑥
< 1.20.17
tp-linkomada_sg3452_firmware
1.30.0 ≤
𝑥
< 1.30.1
tp-linkomada_sg3452p_firmware
3.30.0 ≤
𝑥
< 3.30.17
tp-linkomada_sg3452p_firmware
3.40.0 ≤
𝑥
< 3.40.1
tp-linkomada_sg3452x_firmware
1.20.0 ≤
𝑥
< 1.20.18
tp-linkomada_sg3452x_firmware
1.30.0 ≤
𝑥
< 1.30.1
tp-linkomada_sg3452xmpp_firmware
1.0.0 ≤
𝑥
< 1.0.15
tp-linkomada_sg3452xp_firmware
2.20.0 ≤
𝑥
< 2.20.20
tp-linkomada_sg3452xp_firmware
2.30.0 ≤
𝑥
< 2.30.1
tp-linkomada_sl2428p_firmware
6.20.0 ≤
𝑥
< 6.20.18
tp-linkomada_sx3008f_firmware
1.20.0 ≤
𝑥
< 1.20.12
tp-linkomada_sx3016f_firmware
1.20.0 ≤
𝑥
< 1.20.16
tp-linkomada_sx3016f_firmware
1.30.0 ≤
𝑥
< 1.30.1
tp-linkomada_sx3032f_firmware
1.0.0 ≤
𝑥
< 1.0.15
tp-linkomada_sx3206hpp_firmware
1.20.0 ≤
𝑥
< 1.20.12
tp-linkomada_sx3832_firmware
1.0.0 ≤
𝑥
< 1.0.12
tp-linkomada_sx3832mpp_firmware
1.0.0 ≤
𝑥
< 1.0.11
tp-linkomada_tl-sg2428p_firmware
4.0.0 ≤
𝑥
< 4.0.26
tp-linkomada_tl-sg3428mp_firmware
5.0.0 ≤
𝑥
< 5.0.25
tp-linkomada_tl-sg3452p_firmware
3.0.0 ≤
𝑥
< 3.0.22
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://support.omadanetworks.com/au/download/firmware/
https://support.omadanetworks.com/en/download/firmware/
https://support.omadanetworks.com/us/document/118794/
https://support.omadanetworks.com/us/product/