4 matches found
MikroTik RouterOS Missing Encryption of Sensitive Data (CVE-2017-6297)
The L2TP Client in MikroTik RouterOS versions 6.83.3 and 6.37.4 does not enable IPsec encryption after a reboot, which allows man-in-the- middle attackers to view transmitted data unencrypted and gain access to networks on the L2TP server by monitoring the packets for the transmitted data and...
MikroTik RouterOS 'L2TP' Man-in-the-Middle Attack Vulnerability (Feb 2017)
MikroTik RouterOS is prone to a man in the middle attack vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2017-6297
The L2TP Client in MikroTik RouterOS versions 6.83.3 and 6.37.4 does not enable IPsec encryption after a reboot, which allows man-in-the-middle attackers to view transmitted data unencrypted and gain access to networks on the L2TP server by monitoring the packets for the transmitted data and...
CVE-2017-6297
The CVE-2017-6297 entry concerns MikroTik RouterOS L2TP Client in versions 6.83.3 and 6.37.4. The vulnerability arises because IPsec encryption is not enabled after a reboot, enabling man-in-the-middle attackers to view unencrypted data and potentially access networks on the L2TP server by monito...