Mikrotik RouterOS VXLAN Source IP Improper Access Control Vulnerability

Vulnerability

An improper access control vulnerability has been identified in Mikrotik RouterOS, specifically in the handling of remote IP addresses during VXLAN traffic processing. This flaw allows remote attackers to bypass access restrictions and gain unauthorized access to internal network resources. The vulnerability arises from a lack of validation of remote IP addresses against configured values before permitting ingress traffic into the internal network. Notably, authentication is not required to exploit this vulnerability.
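
As an added illustration (not MikroTik's code or the RouterOS fix), the following Python models the missing check the advisory describes: a VTEP that admits VXLAN (UDP/4789) payloads only when the outer source IP matches a configured remote peer, shown beside the unvalidated behaviour. The interface class, peer list and sample addresses are constructed for the example.

```python
import ipaddress
import struct

VXLAN_PORT = 4789
VXLAN_FLAG_VNI_VALID = 0x08  # "I" flag in the RFC 7348 header


def parse_vxlan_header(payload: bytes) -> int:
    """Return the 24-bit VNI from an 8-byte VXLAN header, or raise ValueError."""
    if len(payload) < 8:
        raise ValueError("truncated VXLAN header")
    flags, vni_and_reserved = struct.unpack("!B3xI", payload[:8])
    if not flags & VXLAN_FLAG_VNI_VALID:
        raise ValueError("VNI valid flag not set")
    return vni_and_reserved >> 8  # low byte of the second word is reserved


def build_vxlan(vni: int, inner_frame: bytes) -> bytes:
    """Constructed encapsulation helper: VXLAN header followed by the inner frame."""
    return struct.pack("!B3xI", VXLAN_FLAG_VNI_VALID, vni << 8) + inner_frame


class VxlanInterface:
    """Hypothetical VTEP model; validate_remote=False mirrors the flaw described above."""

    def __init__(self, vni: int, remote_peers, validate_remote: bool = True):
        self.vni = vni
        self.remote_peers = {ipaddress.ip_address(p) for p in remote_peers}
        self.validate_remote = validate_remote

    def ingress(self, src_ip: str, dst_port: int, payload: bytes) -> bool:
        """True if the encapsulated frame would be forwarded onto the internal bridge."""
        if dst_port != VXLAN_PORT:
            return False
        try:
            vni = parse_vxlan_header(payload)
        except ValueError:
            return False
        if vni != self.vni:
            return False
        # The check the advisory says was missing: the outer source IP must be a
        # configured remote VTEP before the inner frame is admitted.
        if self.validate_remote and ipaddress.ip_address(src_ip) not in self.remote_peers:
            return False
        return True


def demo() -> dict:
    """Constructed scenario: one configured peer, one unknown sender, both VTEP variants."""
    fixed = VxlanInterface(vni=100, remote_peers=["203.0.113.10"])
    legacy = VxlanInterface(vni=100, remote_peers=["203.0.113.10"], validate_remote=False)
    frame = build_vxlan(100, b"\x00" * 14)  # placeholder inner Ethernet frame
    return {
        "peer_fixed": fixed.ingress("203.0.113.10", VXLAN_PORT, frame),
        "unknown_fixed": fixed.ingress("198.51.100.7", VXLAN_PORT, frame),
        "unknown_legacy": legacy.ingress("198.51.100.7", VXLAN_PORT, frame),
    }
```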

Impact

Exploitation of this vulnerability could lead to unauthorized access to internal network resources.

Remediation

Users can upgrade to Mikrotik RouterOS version 7.20 to address this vulnerability.

Added: Jun 25, 2025, 11:25 PM
Updated: Jun 25, 2025, 11:25 PM

Vulnerability Rating

Custom Algorithm

Category        Score
spread          4.5
impact          7.5
exploitability  7.0
remediation     7.7
relevance       0.2
threat          0.0
urgency         2.9
incentive       5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.