Pakistan’s National Cyber Emergency Response Team (PKCERT) has issued a high-priority advisory alerting that multiple critical vulnerabilities in TP-Link Omada enterprise gateway devices are being actively exploited, potentially exposing government institutions, telecom networks, universities, and corporate enterprises to full network compromise.
According to PKCERT advisory NCA-50.031125, four major flaws i.e., CVE-2025-6541, CVE-2025-6542, CVE-2025-7850, and CVE-2025-7851 enable unauthenticated remote attackers to execute arbitrary code, seize administrator control, and deploy persistent malware across internal systems. The affected products include widely deployed Omada gateway models such as ER8411, ER7412-M2, ER707-M2, ER706, and ER605, particularly those running firmware versions released before late 2025.
PKCERT has warned that organisations relying on TP-Link Omada devices face heightened exposure. These include public sector departments, telecom operators, educational institutions, and large enterprise offices.
What makes these vulnerabilities particularly severe is that some exploit chains require no valid credentials, allowing attackers to breach networks without any prior access.
This is why PKCERT has urged all organisations using affected devices to implement the following defensive measures immediately:
Experts warn that edge and gateway devices (once considered low-priority for patching) have become prime targets for cyber adversaries seeking persistent access to national networks.
Infiltration at this level could enable attackers to intercept or manipulate traffic, exfiltrate sensitive data, or launch ransomware or espionage campaigns against critical infrastructure.