CVE-2025-7375 is a denial-of-service vulnerability identified in TP-Link Systems Inc.'s Omada EAP610 v3 wireless access point devices. The root cause is improper input validation (CWE-20) in the device's HTTP service, which handles management and configuration requests. An attacker with adjacent network access—meaning they must be on the same local network or connected via a bridged network segment—can send specially crafted HTTP requests designed to exploit this flaw. These malformed requests cause the HTTP service to crash, leading to a denial-of-service condition where the device becomes temporarily unavailable until it is rebooted. The vulnerability affects firmware versions prior to 1.6.0, indicating that the vendor has addressed the issue in later firmware releases. The CVSS v4.0 base score is 6.9 (medium severity), reflecting that the attack vector is adjacent network (AV:A), with low attack complexity (AC:L), no privileges required (PR:L), no user interaction (UI:N), and a high impact on availability (VA:H). Confidentiality and integrity impacts are none. No known exploits have been reported in the wild, but the vulnerability could be leveraged by malicious insiders or attackers who gain local network access. The lack of authentication requirement for the attack increases risk in environments where network segmentation or access controls are weak. This vulnerability highlights the importance of robust input validation in embedded device management services to prevent service disruption.

The primary impact of CVE-2025-7375 is the temporary denial of wireless network availability due to the crash of the HTTP management service on affected Omada EAP610 v3 devices. This can disrupt business operations relying on wireless connectivity, including enterprise communications, guest access, and IoT device connectivity. In environments where these devices serve critical roles, such as hospitals, educational institutions, or corporate offices, the disruption could lead to productivity losses and operational delays. Although the attack does not compromise confidentiality or integrity, the availability impact can facilitate secondary attacks by creating network blind spots or forcing fallback to less secure connectivity methods. The requirement for adjacent network access limits remote exploitation but does not eliminate risk in poorly segmented networks or environments with insider threats. Organizations with large deployments of these devices may face increased risk of widespread disruption if multiple devices are targeted simultaneously. The absence of known exploits reduces immediate risk but should not lead to complacency given the medium severity and ease of triggering the condition.

1. Upgrade all affected Omada EAP610 v3 devices to firmware version 1.6.0 or later as soon as the vendor releases the patch to address this vulnerability. 2. Implement strict network segmentation to limit access to management interfaces only to trusted administrators and systems, reducing the risk of adjacent network attackers. 3. Disable or restrict HTTP management access where possible, favoring more secure protocols such as HTTPS with strong authentication. 4. Monitor network traffic for unusual or malformed HTTP requests targeting the devices’ management interfaces to detect potential exploitation attempts. 5. Employ network access control (NAC) solutions to prevent unauthorized devices from connecting to the local network segments hosting these access points. 6. Regularly audit firmware versions and device configurations to ensure compliance with security best practices. 7. Educate network administrators about the risk of local network attacks and the importance of physical and logical access controls.