3 matches found
MikroTik RouterOS 7.19.1 - Reflected XSS
Exploit Title: MikroTik RouterOS 7.19.1 - Reflected XSS Google Dork: inurl:/login?dst= Date: 2025-07-15 Exploit Author: Prak Sokchea Vendor Homepage: https://mikrotik.com Software Link: https://mikrotik.com/download Version: RouterOS /login?dst=javascript:alert3 A reflected XSS will be triggered...
📄 MikroTik RouterOS 7.19.1 Cross Site Scripting
MikroTik RouterOS versions 7.19.1 and below suffer from a cross site scripting vulnerability. Exploit Title: MikroTik RouterOS 7.19.1 - Reflected XSS Google Dork: inurl:/login?dst= Date: 2025-07-15 Exploit Author: Prak Sokchea Vendor Homepage: https://mikrotik.com Software Link:...
CVE-2025-6563
MikroTik RouterOS has a cross-site scripting (XSS) vulnerability in the hotspot component for versions below 7.19.2. The issue stems from improper handling of the destination URL parameter (dst), allowing an attacker to inject a javascript: payload. When a user visits the crafted login URL and au...