Lucene search
K

5 matches found

NVD
NVD
added 2026/05/05 11:16 a.m.19 views

CVE-2025-42611

RouterOS provides various services that rely on correct verification of client and server certificates to secure confidentiality and integrity of communications. This includes OpenVPN, CAPsMAN, Dot1x 802.1X, among others. The vulnerability lies in shared certificate validation logic which uses th...

6.5CVSS0.00186EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/05 10:58 a.m.17 views

CVE-2025-42611 Improper certificate validation in multiple RouterOS services

RouterOS provides various services that rely on correct verification of client and server certificates to secure confidentiality and integrity of communications. This includes OpenVPN, CAPsMAN, Dot1x 802.1X, among others. The vulnerability lies in shared certificate validation logic which uses th...

6.5CVSS5.8AI score0.00186EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/05 12:0 a.m.11 views

PT-2026-36997

Name of the Vulnerable Software and Affected Versions RouterOS affected versions not specified Description Shared certificate validation logic uses a system certificate store that is trusted equally by all system services. This creates a confusion of scope where any certificate authority in the...

6.5CVSS5.8AI score0.00186EPSS
Exploits0References4
Snyk
Snyk
added 2025/09/16 4:5 p.m.3 views

Improper Certificate Validation

Overview Affected versions of this package are vulnerable to Improper Certificate Validation via a flaw in the certificate validation logic, which accepts properly constructed certificates from any Certificate Authority CA without properly verifying the trust chain. An attacker can use this to...

7.1CVSS6.7AI score0.00288EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/09/15 12:0 a.m.4 views

PT-2025-38069

Name of the Vulnerable Software and Affected Versions Kubernetes C client versions prior to 17.0.14 Description A flaw exists in the Kubernetes C client's certificate validation logic, allowing it to accept certificates from any Certificate Authority CA without proper trust chain verification. Th...

7.1CVSS6.3AI score0.00288EPSS
Exploits0References20
Rows per page
Query Builder