Cyber Resilience

CVE-2026-1668

High

Published: 13 March 2026

Published
13 March 2026
Modified
02 April 2026
KEV Added
Patch
CVSS Score v4 7.7 CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0097 57.3th percentile
Risk Priority 55 floored blend · peak EPSS

Summary

CVE-2026-1668 is a high-severity Improper Input Validation (CWE-20) vulnerability in Tp-Link Omada Sg2210Mp Firmware. Its CVSS base score is 7.7 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 42.7% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).

Deeper analysis

CVE-2026-1668 is a vulnerability in the web interface on multiple Omada switches, where certain external inputs are not adequately validated. This deficiency can lead to out-of-bounds memory access when processing crafted requests. Under specific conditions, the flaw may result in unintended command execution. The issue is linked to CWE-20 (Improper Input Validation) and CWE-787 (Out-of-bounds Write), with a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

An unauthenticated attacker with network access to the affected interface can exploit this vulnerability to cause memory corruption, service instability, or information disclosure. Successful exploitation may allow remote code execution or denial-of-service.

Omada Networks provides mitigation through firmware updates available on their support sites, including regional download pages at https://support.omadanetworks.com/au/download/firmware/, https://support.omadanetworks.com/en/download/firmware/, and https://support.omadanetworks.com/us/download/firmware/, along with detailed documentation at https://support.omadanetworks.com/us/document/118794/ and product information at https://support.omadanetworks.com/us/product/.

OWASP Top 10 for Web (2025)

EU & UK References

Vulnerability details

The web interface on multiple Omada switches does not adequately validate certain external inputs, which may lead to out-of-bound memory access when processing crafted requests. Under specific conditions, this flaw may result in unintended command execution.<br>An unauthenticated attacker with network…

more

access to the affected interface may cause memory corruption, service instability, or information disclosure. Successful exploitation may allow remote code execution or denial-of-service.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

Unauthenticated remote exploitation of the web interface on network switches for RCE or DoS directly enables T1190: Exploit Public-Facing Application.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2025-25897Same vendor: Tp-Link
CVE-2025-25901Same vendor: Tp-Link
CVE-2026-34121Same vendor: Tp-Link
CVE-2025-25898Same vendor: Tp-Link
CVE-2024-57049Same vendor: Tp-Link
CVE-2026-0834Same vendor: Tp-Link
CVE-2026-1315Same vendor: Tp-Link
CVE-2025-15517Same vendor: Tp-Link
CVE-2025-9292Same vendor: Tp-Link
CVE-2025-15606Same vendor: Tp-Link

Affected Assets

tp-link
omada sg2005p-pd firmware
1.0.0 — 1.0.19
tp-link
omada sg2008 firmware
4.20.0 — 4.20.17 · 4.30.0 — 4.30.1
tp-link
omada sg2008p firmware
3.20.0 — 3.20.17 · 3.30.0 — 3.30.1
tp-link
omada sg2016p firmware
1.20.0 — 1.20.17 · 1.30.0 — 1.30.1
tp-link
omada sg2210mp firmware
4.20.0 — 4.20.18 · 5.0.0 — 5.0.15 · 5.20.0 — 5.20.1
tp-link
omada sg2210p firmware
5.20.0 — 5.20.18 · 5.30.0 — 5.30.1
tp-link
omada sg2210xmp-m2 firmware
1.0.0 — 1.0.19
tp-link
omada sg2218 firmware
1.20.0 — 1.20.17 · 1.30.0 — 1.30.1
tp-link
omada sg2218p firmware
1.20.0 — 1.20.17 · 2.0.0 — 2.0.14 · 2.20.0 — 2.20.2
tp-link
omada sg2428lp firmware
1.0.0 — 1.0.13
+29 more product configuration(s) — see NVD for full list

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly enforces input validation mechanisms to prevent crafted requests from causing out-of-bounds memory access in the web interface.

prevent

Implements memory protection techniques like address space randomization to mitigate out-of-bounds writes leading to memory corruption or RCE.

prevent

Ensures timely identification, reporting, and patching of flaws like this input validation vulnerability via firmware updates.

References