CNNVD-202510-3555 Information
CNNVD ID
CNNVD-202510-3555
Related CVE
- CNNVD Published: 2025-10-27
Description (Chinese)
MikroTik RouterOS和MikroTik RouterOS 7都是拉脱维亚MikroTik公司的产品。MikroTik RouterOS是一套基于Linux开发的路由器操作系统。该系统可部署在PC中,使其提供路由器功能。MikroTik RouterOS 7是一款操作系统。 MikroTik RouterOS 7.14.2版本和SwitchOS 2.18版本存在安全漏洞,该漏洞源于HTTP-only WebFig管理组件存在缺陷,可能导致远程执行任意代码。
Description (English)
MikroTik Routeros and MikroTik Routeros 7 are products of the Latvian company MikroTik. MikroTik RouterOS is a router operating system based on Linux. The system could be deployed in the PC to provide router functionality. MikroTik RouterOS 7 is an operating system. There is a security gap between MicroTik RouterOS version 7.14.2 and SwitchOS version 2.18, which stems from deficiencies in the HTTP-only WebFig management component, which may result in the remote implementation of any code.
Hazard Level
Low
Vulnerability Type
其他
Affected Vendor
MikroTik
Published
2025-10-27
Last Modified
2026-02-24
References
https://help.mikrotik.com/docs/spaces/ROS/pages/328131/WebFig https://svarthatt.se/cve/mikrotik-swos-cve-2025-61481/ https://help.mikrotik.com/docs/spaces/SWOS/pages/328415/SwOS https://access.redhat.com/security/cve/cve-2025-61481
Patch
https://mikrotik.com/product/routeros
Share on: