Skip to main content

Winbox

2 CVEs product

Monthly

CVE-2020-5721 MEDIUM POC This Month

MikroTik WinBox 3.22 and below stores the user's cleartext password in the settings.cfg.viw configuration file when the Keep Password field is set and no Master Password is set. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Mikrotik Winbox
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2020-5720 MEDIUM POC This Month

MikroTik WinBox before 3.21 is vulnerable to a path traversal vulnerability that allows creation of arbitrary files wherevere WinBox has write permissions. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Mikrotik Path Traversal Winbox
NVD
CVSS 3.1
5.9
EPSS
1.1%
EPSS 0% CVSS 5.5
MEDIUM POC This Month

MikroTik WinBox 3.22 and below stores the user's cleartext password in the settings.cfg.viw configuration file when the Keep Password field is set and no Master Password is set. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Mikrotik Winbox
NVD
EPSS 1% CVSS 5.9
MEDIUM POC This Month

MikroTik WinBox before 3.21 is vulnerable to a path traversal vulnerability that allows creation of arbitrary files wherevere WinBox has write permissions. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Mikrotik Path Traversal Winbox
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy