Hayaseco

**Name of the Vulnerable Software and Affected Versions** Mikrotik Router Monitoring System versions through 2018-10-22 **Description** An issue exists in the check community.php file of the Mikrotik Router Monitoring System, related to a lack of protection of the SQL query structure. This allows for SQL Injection via the `community` parameter. Exploitation of this issue may allow a remote attacker to impact the confidentiality, integrity, and availability of protected information. **Recommendations** For versions through 2018-10-22, as a temporary workaround, consider disabling the `check community.php` file or restricting access to it until a patch is available. Avoid using the `community` parameter in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.