Checkmk · Checkmk Exchange Plugin · CVE-2024-38861
**Name of the Vulnerable Software and Affected Versions**
MikroTik versions 0.4a mk through 2.0a
MikroTik versions 2.0.0 through 2.5.5
**Description**
The issue is related to improper certificate validation in the Checkmk Exchange plugin for MikroTik routers, which can allow an attacker to intercept traffic. This can be exploited by an attacker in a man-in-the-middle position, potentially leading to spoofing attacks.
**Recommendations**
For versions 0.4a mk through 2.0a, consider disabling the Checkmk Exchange plugin until a patch is available.
For versions 2.0.0 through 2.5.5, consider restricting access to the plugin to minimize the risk of exploitation.
As a temporary workaround, avoid using the affected plugin in sensitive environments until the issue is resolved.