RSS   Vulnerabilities for 'Winbox'   RSS

2020-02-06
 
CVE-2020-5720

CWE-22
 

 
MikroTik WinBox before 3.21 is vulnerable to a path traversal vulnerability that allows creation of arbitrary files wherevere WinBox has write permissions. WinBox is vulnerable to this attack if it connects to a malicious endpoint or if an attacker mounts a man in the middle attack.

 
2020-01-14
 
CVE-2019-3981

CWE-20
 

 
MikroTik Winbox 3.20 and below is vulnerable to man in the middle attacks. A man in the middle can downgrade the client's authentication protocol and recover the user's username and MD5 hashed password.

 

 >>> Vendor: Mikrotik 5 Products
Routeros
Router hap lite firmware
Router firmware
Routerboard
Winbox


Copyright 2024, cxsecurity.com

 

Back to Top