URGENT: Where are the firmware updates for the security issue Oct 2025
URGENT: Where are the firmware updates for the security issue Oct 2025

Hi,
Regarding the "TP-Link warns of critical command injection vulnerabilities in Omada gateways" advisories doing the rounds in the past 48 hours or so, my Omada controller (OC220 on version 6.0.0.31) is not offering any firmware update for my ER707-M2 nor is there any download available from support pages dated any time recently, nor any 1.3.1+ firmware (the advisory says 1.3.1+ is OK).
Where can I source these patched and secured firmwares as a matter of urgency, it seems like the announcement has appeared before the firmware has been updated or released?
Thanks.
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
you can download the latest firmware here.
filter by type and firmware
https://support.omadanetworks.com/en/product/er707-m2/v1/?resourceType=download
- Copy Link
- Report Inappropriate Content
Found them, the Australian support site only has firmware from 2024, not updated. The firmware is here: https://support.omadanetworks.com/us/product/er707-m2/v1/
- Copy Link
- Report Inappropriate Content
you can download the latest firmware here.
filter by type and firmware
https://support.omadanetworks.com/en/product/er707-m2/v1/?resourceType=download
- Copy Link
- Report Inappropriate Content
- Copy Link
- Report Inappropriate Content
@RaMoNsTeR I've got a ER706w-4g and the AU site has zero updates. why is the AU site so bad? the link you put there is for the US site and i don't think our hardware is the same over here more EU and US?
- Copy Link
- Report Inappropriate Content
@locn I just checked in with our team here. Unfortunately, the AU team has not yet released the firmware update for this device. Thank you for your patience as they release the updates for that device.
- Copy Link
- Report Inappropriate Content
@NeilR_M Hi Neil. Thanks for the update. I've been using the global site to get the most up to date firmwares using the (EU) firmware which has worked fine.
- Copy Link
- Report Inappropriate Content
@NeilR_M sorry to divert the converstation, but do you know if ER7212PC(UN)_V1_1.3.2 Build 20251015 resolves this security issue? the alert only mentions v2.1.3 firmware
- Copy Link
- Report Inappropriate Content
@RaMoNsTeR sadly, it's the same for at least ER605v2 and EU.
No update via Omada, no notification - nothing - you have to download the firmware from the international site and manually deploy it :(
Given the high CVE scores, you'd think they'd make that a top priority but apparently not :(
- Copy Link
- Report Inappropriate Content
Can confirm, controller is not listing current new batch of gateway firmwares at all.
Also to anyone concerned, all gateways use a unified hardware firmware, it doesnt matter what region you download it from, it will work, as long as its the right model and hardware version. There re no US, UK, AU, EU etc hardware differences at all
- Copy Link
- Report Inappropriate Content
@GERichard Yes, that firmware update resolves the security issue.
- Copy Link
- Report Inappropriate Content

Information
Helpful: 1
Views: 466
Replies: 14
Voters 0
No one has voted for it yet.