Tp-link Oc300 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Tp-link Oc300 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2025-9290 — CVSS 5.9 (medium): An authentication weakness was identified in Omada Controllers, Gateways and Access Points, controller-device adoption due to improper…
CVE-2025-9289 — CVSS 4.7 (medium): A Cross-Site Scripting (XSS) vulnerability was identified in a parameter in Omada Controllers due to improper input sanitization…