PT-2026-4810 · TP-Link · Omada Controller

Published: 2026-01-26 · Updated: 2026-03-12 · CVE-2025-9522

CVSS v3.1: 5.3 (Medium)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Name of the Vulnerable Software and Affected Versions: Omada Controllers (affected versions not specified)
Description: The webhook functionality in Omada Controllers is vulnerable to blind Server-Side Request Forgery (SSRF). An attacker can cause the server to send crafted requests on their behalf to internal services and resources, potentially leading to information disclosure through enumeration.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

SSRF

Weakness Enumeration

Related Identifiers

BDU:2026-01104
CVE-2025-9522

Affected Products

Omada Controller