Vulnerabilities in Mikrotik
11 resultsCVE-2024-2169HIGHImplementations of UDP application protocols are susceptible to network loops and denial of serviceEPSS 5.4%CVE-2019-3943—MikroTik RouterOS versions Stable 6.43.12 and below, Long-term 6.42.12 and below, and Testing 6.44beta75 and below are vulnerable to an authEPSS 3.7%CVE-2023-30800HIGHMikroTik RouterOS Web Interface Heap CorruptionEPSS 1.7%CVE-2023-30799CRITICALMikroTik RouterOS Administrator Privilege EscalationEPSS 1.3%CVE-2019-3981—MikroTik Winbox 3.20 and below is vulnerable to man in the middle attacks. A man in the middle can downgrade the client's authentication proEPSS 1.1%CVE-2025-10948HIGHMikroTik RouterOS libjson.so print parse_json_element buffer overflowEPSS 0.7%CVE-2025-6563MEDIUMCross-site scripting via dst parameter in RouterOS WiFi hotspotEPSS 0.6%CVE-2023-32154HIGHMikrotik RouterOS RADVD Out-Of-Bounds Write Remote Code Execution VulnerabilityEPSS 0.6%CVE-2025-6443HIGHMikrotik RouterOS VXLAN Source IP Improper Access Control VulnerabilityEPSS 0.5%CVE-2026-7668MEDIUMMikroTik RouterOS SCEP Endpoint scep.p ASN1_STRING_data out-of-boundsEPSS 0.3%CVE-2025-42611MEDIUMImproper certificate validation in multiple RouterOS servicesEPSS 0.2%