Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Permissive Web Security Policy Allows Cross-Origin Access Control Bypass on Omada Cloud Controllers
Vulnerability Description
A permissive web security configuration may allow cross-origin restrictions enforced by modern browsers to be bypassed under specific circumstances. Exploitation requires the presence of an existing client-side injection vulnerability and user access to the affected web interface. Successful exploitation could allow unauthorized disclosure of sensitive information. Fixed in updated Omada Cloud Controller service versions deployed automatically by TP‑Link. No user action is required.
CVSS Information
N/A
Vulnerability Type
过度许可的跨域白名单
Vulnerability Title
TP-Link Omada Cloud Controller 安全漏洞
Vulnerability Description
TP-Link Omada Cloud Controller是中国普联(TP-Link)公司的一个中央管理软件。 TP-Link Omada Cloud Controller存在安全漏洞,该漏洞源于宽松的Web安全配置,可能导致在特定情况下绕过现代浏览器强制执行的跨域限制。
CVSS Information
N/A
Vulnerability Type
N/A