Primary

Context

MikroTik RouterOS and SwitchOS WebFig Management Component Arbitrary Code Execution Vulnerability

Vulnerability

A vulnerability in MikroTik RouterOS versions through 7.14.2 and SwitchOS versions through 2.18 allows remote attackers to execute arbitrary code via the WebFig management component, which is accessible over HTTP by default. This vulnerability arises because the WebFig interface does not automatically redirect to HTTPS, leaving authentication credentials exposed to interception.

Impact

Exploitation of this vulnerability could lead to unauthorized execution of code on the affected device.

Remediation

Administrators should update to MikroTik RouterOS versions 7.14.3 or later and SwitchOS versions 2.19 or later, where this vulnerability has been addressed.

Added: Oct 27, 2025, 2:44 PM

Updated: Oct 27, 2025, 4:31 PM

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

3.1

exploitability

7.2

remediation

6.0

relevance

0.8

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

3.1

exploitability

7.2

remediation

6.0

relevance

0.8

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

MikroTik RouterOS and SwitchOS WebFig Management Component Arbitrary Code Execution Vulnerability

Vulnerability

Impact

Remediation

Affected Products

MikroTik RouterOS

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating