CNNVD-202506-3225 Information

CNNVD ID

CNNVD-202506-3225

Related CVE

CVE-2025-6443

• CNNVD Published: 2025-06-25

Description (Chinese)

MikroTik RouterOS是拉脱维亚MikroTik公司的一套基于Linux开发的路由器操作系统。该系统可部署在PC中，使其提供路由器功能。 MikroTik RouterOS存在访问控制错误漏洞，该漏洞源于处理VXLAN流量时未验证远程IP地址，可能导致绕过访问限制。

Description (English)

MikroTik Routeros is a router operating system based on Linux developed by the Latvian company MikroTik. The system could be deployed in the PC to provide router functionality. MikroTik Routeros has a bug in access control, which results from the failure to verify a remote IP address while processing VXLAN traffic, which may lead to circumventing access restrictions.

Hazard Level

Medium

Vulnerability Type

访问控制错误

Affected Vendor

MikroTik

Published

2025-06-25

Last Modified

2026-02-24

References

https://www.zerodayinitiative.com/advisories/ZDI-25-424/ https://nvd.nist.gov/vuln/detail/CVE-2025-6443

Patch

https://mikrotik.com/download