mikrotik
Top products
Latest CVEs
The 15 most recently published vulnerabilities affecting mikrotik.
- CVE-2024-27686Mikrotik RouterOS (x86) 6.40.5 through 6.49.10 (fixed in 7) allows a remote attacker to cause a denial of service (device crash) via crafted packet data to the SMB service on TCP port 445.7.5
- CVE-2025-42611Improper certificate validation in multiple RouterOS services6.5
- CVE-2026-7668MikroTik RouterOS SCEP Endpoint scep.p ASN1_STRING_data out-of-bounds7.3
- CVE-2025-61481An issue in MikroTik RouterOS v.7.14.2 and SwOS v.2.18 exposes the WebFig management interface over cleartext HTTP by default, allowing an on-path attacker to execute injected JavaScript in the adm...10.0
- CVE-2025-10948MikroTik RouterOS libjson.so print parse_json_element buffer overflow8.8
- CVE-2025-6563Cross-site scripting via dst parameter in RouterOS WiFi hotspot4.6
- CVE-2023-47310A misconfiguration in the default settings of MikroTik RouterOS 7 and fixed in v7.14 allows incoming IPv6 UDP traceroute packets.6.5
- CVE-2025-6443Mikrotik RouterOS VXLAN Source IP Improper Access Control Vulnerability7.2
- CVE-2024-54952MikroTik RouterOS 6.40.5, the SMB service contains a memory corruption vulnerability. Remote, unauthenticated attackers can exploit this issue by sending specially crafted packets, triggering a nul...7.5
- CVE-2024-54772An issue was discovered in the Winbox service of MikroTik RouterOS long-term release v6.43.13 through v6.49.13 and stable v6.43 through v7.17.2. A patch is available in the stable release v6.49.18....5.4
- CVE-2023-32154Mikrotik RouterOS RADVD Out-Of-Bounds Write Remote Code Execution Vulnerability7.5
- CVE-2024-2169Implementations of UDP application protocols are susceptible to network loops and denial of service7.5
- CVE-2023-41570MikroTik RouterOS v7.1 to 7.11 was discovered to contain incorrect access control mechanisms in place for the Rest API.5.3
- CVE-2023-30800MikroTik RouterOS Web Interface Heap Corruption7.5
- CVE-2023-30799MikroTik RouterOS Administrator Privilege Escalation9.1