Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
TP-Link EAP Controller and Omada Controller versions 2.5.4_Windows/2.6.0_Windows do not control privileges for usage of the Web API, allowing a low-privilege user to make any request as an Administrator. This is fixed in version 2.6.1_Windows.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
TP-Link EAP Controller和Omada Controller 安全漏洞
Vulnerability Description
TP-Link EAP Controller和Omada Controller都是中国普联(TP-LINK)公司的用于远程控制无线AP接入点设备的软件。 TP-Link EAP Controller和Omada Controller 2.5.4_Windows版本和2.6.0_Windows版本中存在安全漏洞,该漏洞源于程序没有控制Web API的使用权限。攻击者可利用该漏洞以管理员身份发送请求。
CVSS Information
N/A
Vulnerability Type
N/A