PT-2025-43960 · Mikrotik · Mikrotik Routeros, Mikrotik Switchos

Published 2025-10-15 · Updated 2025-11-30 · CVE-2025-61481

CVSS v3.1 10 Critical

Vector AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L
Name of the Vulnerable Software and Affected Versions

MikroTik RouterOS version 7.14.2
MikroTik SwitchOS version 2.18
Description

MikroTik RouterOS and SwitchOS expose the WebFig management interface over cleartext HTTP by default. An attacker positioned on the network path between the administrator and the device can intercept the administrator's credentials in transit or inject JavaScript that executes in the administrator's browser. The impact is classed as remote code execution via the HTTP-only WebFig management component: intercepted credentials or a hijacked management session can lead to full compromise of the device. Approximately 7.3 million devices are estimated to be vulnerable.
Recommendations

At the moment there is no information about a version of MikroTik RouterOS (affected: 7.14.2) or MikroTik SwitchOS (affected: 2.18) that contains a fix for this vulnerability. Until one is published, reduce the exposure by configuration: serve WebFig over HTTPS (the www-ssl service on RouterOS), disable or address-restrict the cleartext www service, and do not expose the management interface to untrusted networks.
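The following RouterOS hardening sequence is an added example for this advisory; it is not code from the advisory or from MikroTik, and it only uses standard RouterOS 7 /ip service and /ip firewall commands. It assumes a certificate named webfig-cert already exists under /certificate, that 192.168.88.0/24 is the management subnet, and that an interface list named WAN exists; all three are assumptions to adjust for your network. SwitchOS has no CLI equivalent, so for the switch the only configuration-level measure is to keep its management interface on an isolated management VLAN reachable solely from trusted hosts.

```routeros
# Added hardening example (not from the advisory or MikroTik).
# Assumptions: certificate "webfig-cert" exists, 192.168.88.0/24 is the
# management subnet, interface list "WAN" exists.

# 1. Audit: log a warning if the cleartext "www" service is still enabled.
:if ([/ip service get [find name="www"] disabled] = false) do={
    :log warning "WebFig over cleartext HTTP (www) is enabled"
}

# 2. Serve WebFig over HTTPS. www-ssl is disabled by default and needs a
#    certificate bound to it before it will accept connections.
/ip service set www-ssl disabled=no certificate=webfig-cert

# 3. Disable the cleartext listener. If HTTP must stay up temporarily,
#    restrict it to the management subnet instead (commented alternative).
/ip service set www disabled=yes
# /ip service set www address=192.168.88.0/24

# 4. Restrict HTTPS management to the management subnet as well.
/ip service set www-ssl address=192.168.88.0/24

# 5. Defence in depth: drop WebFig traffic arriving on WAN interfaces so a
#    service re-enabled later is still not reachable from the Internet.
/ip firewall filter add chain=input in-interface-list=WAN protocol=tcp dst-port=80,443 action=drop comment="block WebFig from WAN" place-before=0

# 6. Verify the resulting service table.
/ip service print
```

Apply the sequence from a Winbox or SSH session on the management subnet, not from a WebFig session over HTTP, since step 3 terminates that session. After step 6 the www row should show disabled and www-ssl should show the certificate and the address restriction; confirm the HTTPS login page loads from a management host before closing the session you used.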

RCE

Information Disclosure

Cleartext Transmission of Sensitive Information

Weakness Enumeration

Related Identifiers

BDU:2025-13545
CVE-2025-61481

Affected Products

Mikrotik Routeros
Mikrotik Switchos