CVE-2020-5720

Name of the Vulnerable Software and Affected Versions MikroTik WinBox versions prior to 3.21

Description The issue allows creation of arbitrary files wherever WinBox has write permissions due to a path traversal vulnerability. This can occur if WinBox connects to a malicious endpoint or if an attacker mounts a man-in-the-middle attack.

Recommendations For versions prior to 3.21, update to version 3.21 or later to resolve the issue. As a temporary workaround, consider restricting access to untrusted networks and avoiding connections to unknown endpoints to minimize the risk of exploitation.