CVE-2026-1668
HIGH
7,7
Source: f23511db-6c3e-4e32-a477-6aa17d310630
Attack Vector: adjacent
Attack Complexity: high
Privileges Required: none
User Interaction: none
Confidentiality: N/A
Integrity: N/A
Availability: N/A
Description
AI Translation Available
The web interface on multiple Omada switches does not adequately validate certain external inputs, which may lead to out-of-bound memory access when processing crafted requests. Under specific conditions, this flaw may result in unintended command execution.<br>An unauthenticated attacker with network access to the affected interface may cause memory corruption, service instability, or information disclosure. Successful exploitation may allow remote code execution or denial-of-service.
EPSS (Exploit Prediction Scoring System)
Trend Analysis
EPSS (Exploit Prediction Scoring System)
Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.
EPSS Score
0,0006
Percentile
0,2th
Updated
EPSS Score Trend (Last 3 Days)
20
Improper Input Validation
StableCommon Consequences
Security Scopes Affected:
Availability
Confidentiality
Integrity
Potential Impacts:
Dos: Crash, Exit, Or Restart
Dos: Resource Consumption (Cpu)
Dos: Resource Consumption (Memory)
Read Memory
Read Files Or Directories
Modify Memory
Execute Unauthorized Code Or Commands
Applicable Platforms
All platforms may be affected
https://support.omadanetworks.com/au/download/firmware/
https://support.omadanetworks.com/en/download/firmware/
https://support.omadanetworks.com/us/document/118794/
https://support.omadanetworks.com/us/product/