CVE-2019-3981

Summary

MikroTik Winbox 3.20 and below is vulnerable to man in the middle attacks. A man in the middle can downgrade the client's authentication protocol and recover the user's username and MD5 hashed password.

Affected Software

VendorProductVersion RangeStatus
MikroTikWinBoxWinbox 3.20 and below.affected

Weaknesses

  • CWE-300: CWE-300

ADP Enrichment

CVE Program Container

Additional References

References