TP-Link has released a security update for its Omada Gateway devices, patching four critical vulnerabilities, two of which could allow remote code execution (RCE) without authentication. According to a TP-Link advisory published on October 22, 2025, the four vulnerabilities are CVE-2025-6541, CVE-2025-6542, CVE-2025-7850, and CVE-2025-7851.

The first two are of the highest severity (CVSS 9.3) and allow a remote, unauthenticated attacker to execute arbitrary operating system commands. The other two concern improper privilege management and command injection by users who have access to the web interface.

The vulnerabilities affect a number of models, including ER8411, ER7412-M2, ER707-M2, ER7206, ER605, ER706W, ER706W-4G, ER7212PC, G36, G611, FR365, FR205, and FR307-M2, in all versions below the respective builds dated October 2025.

The company urges users to immediately update their firmware to the latest available versions and to verify their settings after the update to ensure they remain correct and secure.

Omada Gateway is an enterprise line of TP-Link routers used to manage small and medium-sized business networks. Such vulnerabilities are particularly dangerous, as they allow attackers to access internal systems, modify configurations, or take complete control of the device.

TP-Link stressed that there is currently no evidence of these vulnerabilities being actively exploited in the wild, but ignoring the update could compromise the security of the entire corporate network. TP-Link urges administrators to immediately download the latest firmware updates and ensure that systems are protected. The company also reminded users that it is not responsible for the possible consequences if its update recommendations are ignored.