2 matches found
MikroTik RouterOS 6.41.4 Authentication Bypass Vulnerability
An issue was discovered in MikroTik RouterOS. Missing OpenVPN server certificate verification allows a remote unauthenticated attacker capable of intercepting client traffic to act as a malicious OpenVPN server. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted...
CVE-2018-10066
CVE-2018-10066 affects MikroTik RouterOS 6.41.4. The issue is missing OpenVPN server certificate verification, allowing a remote unauthenticated attacker who can intercept client traffic to impersonate a legitimate OpenVPN server and potentially access the client’s internal network (e.g., via sit...