CVE-2026-1668

CRITICAL

Input Validation Vulnerability on Multiple Omada Switches

Title source: cna

Description

The web interface on multiple Omada switches does not adequately validate certain external inputs, which may lead to out-of-bound memory access when processing crafted requests. Under specific conditions, this flaw may result in unintended command execution.<br>An unauthenticated attacker with network access to the affected interface may cause memory corruption, service instability, or information disclosure. Successful exploitation may allow remote code execution or denial-of-service.

Exploits (1)

nomisec WORKING POC

by tangrs · poc

https://github.com/tangrs/cve-2026-1668-poc

View Code ZIP pw:eip

References (4)

[Various Sources] https://support.omadanetworks.com/au/download/firmware/

[Various Sources] https://support.omadanetworks.com/en/download/firmware/

[Various Sources] https://support.omadanetworks.com/us/document/118794/

[Various Sources] https://support.omadanetworks.com/us/product/

Scores

CVSS v3 9.8

EPSS 0.0014

EPSS Percentile 33.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-20 CWE-787

Status published

Products (50)

tp-link/omada_sg2005p-pd_firmware 1.0.0 - 1.0.19

tp-link/omada_sg2008_firmware 4.20.0 - 4.20.17

tp-link/omada_sg2008p_firmware 3.20.0 - 3.20.17

tp-link/omada_sg2016p_firmware 1.20.0 - 1.20.17

tp-link/omada_sg2210mp_firmware 4.20.0 - 4.20.18

tp-link/omada_sg2210p_firmware 5.20.0 - 5.20.18

tp-link/omada_sg2210xmp-m2_firmware 1.0.0 - 1.0.19

tp-link/omada_sg2218_firmware 1.20.0 - 1.20.17

tp-link/omada_sg2218p_firmware 1.20.0 - 1.20.17

tp-link/omada_sg2428lp_firmware 1.0.0 - 1.0.13

... and 40 more

Published Mar 13, 2026

Tracked Since Mar 14, 2026