CVE-2025-61481
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-10-27
Last updated on: 2025-10-30
Assigner: MITRE
Description
Description
An issue in MikroTik RouterOS v.7.14.2 and SwOS v.2.18 exposes the WebFig management interface over cleartext HTTP by default, allowing an on-path attacker to execute injected JavaScript in the administrator’s browser and intercept credentials.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| mikrotik | routeros | 7.14.2 |
| mikrotik | swos | 2.18 |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-1188 | The product initializes or sets a resource with a default that is intended to be changed by the product's installer, administrator, or maintainer, but the default is not secure. |
| CWE-200 | The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. |
| CWE-319 | The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in MikroTik RouterOS v.7.14.2 and SwitchOS v.2.18 allows a remote attacker to execute arbitrary code through the HTTP-only WebFig management component, potentially compromising the affected device.
How can this vulnerability impact me? :
An attacker exploiting this vulnerability could gain control over the affected MikroTik device by executing arbitrary code remotely, which may lead to unauthorized access, disruption of network services, or further attacks within the network.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70