5 matches found
CVE-2025-42611
RouterOS provides various services that rely on correct verification of client and server certificates to secure confidentiality and integrity of communications. This includes OpenVPN, CAPsMAN, Dot1x 802.1X, among others. The vulnerability lies in shared certificate validation logic which uses th...
CVE-2025-42611 Improper certificate validation in multiple RouterOS services
RouterOS provides various services that rely on correct verification of client and server certificates to secure confidentiality and integrity of communications. This includes OpenVPN, CAPsMAN, Dot1x 802.1X, among others. The vulnerability lies in shared certificate validation logic which uses th...
PT-2026-36997
Name of the Vulnerable Software and Affected Versions RouterOS affected versions not specified Description Shared certificate validation logic uses a system certificate store that is trusted equally by all system services. This creates a confusion of scope where any certificate authority in the...
Improper Certificate Validation
Overview Affected versions of this package are vulnerable to Improper Certificate Validation via a flaw in the certificate validation logic, which accepts properly constructed certificates from any Certificate Authority CA without properly verifying the trust chain. An attacker can use this to...
PT-2025-38069
Name of the Vulnerable Software and Affected Versions Kubernetes C client versions prior to 17.0.14 Description A flaw exists in the Kubernetes C client's certificate validation logic, allowing it to accept certificates from any Certificate Authority CA without proper trust chain verification. Th...