Mikrotik Winbox
By the Year
In 2024 there have been 0 vulnerabilities in Mikrotik Winbox . Winbox did not have any published security vulnerabilities last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2024 | 0 | 0.00 |
2023 | 0 | 0.00 |
2022 | 0 | 0.00 |
2021 | 0 | 0.00 |
2020 | 3 | 5.03 |
2019 | 0 | 0.00 |
2018 | 0 | 0.00 |
It may take a day or so for new Winbox vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Mikrotik Winbox Security Vulnerabilities
MikroTik WinBox 3.22 and below stores the user's cleartext password in the settings.cfg.viw configuration file when the Keep Password field is set and no Master Password is set
CVE-2020-5721
5.5 - Medium
- April 15, 2020
MikroTik WinBox 3.22 and below stores the user's cleartext password in the settings.cfg.viw configuration file when the Keep Password field is set and no Master Password is set. Keep Password is set by default and, by default Master Password is not set. An attacker with access to the configuration file can extract a username and password to gain access to the router.
Insufficiently Protected Credentials
MikroTik WinBox before 3.21 is vulnerable to a path traversal vulnerability
CVE-2020-5720
5.9 - Medium
- February 06, 2020
MikroTik WinBox before 3.21 is vulnerable to a path traversal vulnerability that allows creation of arbitrary files wherevere WinBox has write permissions. WinBox is vulnerable to this attack if it connects to a malicious endpoint or if an attacker mounts a man in the middle attack.
Directory traversal
MikroTik Winbox 3.20 and below is vulnerable to man in the middle attacks
CVE-2019-3981
3.7 - Low
- January 14, 2020
MikroTik Winbox 3.20 and below is vulnerable to man in the middle attacks. A man in the middle can downgrade the client's authentication protocol and recover the user's username and MD5 hashed password.
Improper Input Validation
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Mikrotik Winbox or by Mikrotik? Click the Watch button to subscribe.