Winbox Mikrotik Winbox

Do you want an email whenever new security vulnerabilities are reported in Mikrotik Winbox?

By the Year

In 2024 there have been 0 vulnerabilities in Mikrotik Winbox . Winbox did not have any published security vulnerabilities last year.

Year Vulnerabilities Average Score
2024 0 0.00
2023 0 0.00
2022 0 0.00
2021 0 0.00
2020 3 5.03
2019 0 0.00
2018 0 0.00

It may take a day or so for new Winbox vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Mikrotik Winbox Security Vulnerabilities

MikroTik WinBox 3.22 and below stores the user's cleartext password in the settings.cfg.viw configuration file when the Keep Password field is set and no Master Password is set

CVE-2020-5721 5.5 - Medium - April 15, 2020

MikroTik WinBox 3.22 and below stores the user's cleartext password in the settings.cfg.viw configuration file when the Keep Password field is set and no Master Password is set. Keep Password is set by default and, by default Master Password is not set. An attacker with access to the configuration file can extract a username and password to gain access to the router.

Insufficiently Protected Credentials

MikroTik WinBox before 3.21 is vulnerable to a path traversal vulnerability

CVE-2020-5720 5.9 - Medium - February 06, 2020

MikroTik WinBox before 3.21 is vulnerable to a path traversal vulnerability that allows creation of arbitrary files wherevere WinBox has write permissions. WinBox is vulnerable to this attack if it connects to a malicious endpoint or if an attacker mounts a man in the middle attack.

Directory traversal

MikroTik Winbox 3.20 and below is vulnerable to man in the middle attacks

CVE-2019-3981 3.7 - Low - January 14, 2020

MikroTik Winbox 3.20 and below is vulnerable to man in the middle attacks. A man in the middle can downgrade the client's authentication protocol and recover the user's username and MD5 hashed password.

Improper Input Validation

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Mikrotik Winbox or by Mikrotik? Click the Watch button to subscribe.

Mikrotik
Vendor

subscribe