MikroTik Winbox 3.20 and below is vulnerable to man in the middle attacks. A man in the middle can downgrade the client's authentication protocol and recover the user's username and MD5 hashed password.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: tenable

Published: 2020-01-14T18:13:57

Updated: 2024-08-04T19:26:27.758Z

Reserved: 2019-01-03T00:00:00

Link: CVE-2019-3981

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2020-01-14T19:15:13.187

Modified: 2024-11-21T04:42:59.980

Link: CVE-2019-3981

cve-icon Redhat

No data.