CVE-2025-42611— Improper certificate validation in multiple RouterOS services
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2025-42611
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Improper certificate validation in multiple RouterOS services
Source: NVD (National Vulnerability Database)
Vulnerability Description
RouterOS provides various services that rely on correct verification of client and server certificates to secure confidentiality and integrity of communications. This includes OpenVPN, CAPsMAN, Dot1x (802.1X), among others. The vulnerability lies in shared certificate validation logic which uses the system certificate store that is shared and equally trusted by all system services. This causes confusion of scope, allowing any certificate authority present in the system-wide trust store to be trusted in any context (with some exceptions), allowing partial or full authentication bypass in CAPsMAN, OpenVPN, Dot1X and potentially others.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
证书验证不恰当
Source: NVD (National Vulnerability Database)
Vulnerability Title
Mikrotik RouterOS 信任管理问题漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Mikrotik RouterOS是拉脱维亚Mikrotik公司的一个网络设备操作系统。 MikroTik RouterOS存在信任管理问题漏洞,该漏洞源于共享证书验证逻辑导致范围混淆,允许系统范围内信任的任何证书颁发机构在任何上下文中被信任,可能导致CAPsMAN、OpenVPN、Dot1X等服务的部分或完全身份验证绕过。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2025-42611
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2025-42611
请登录查看更多情报信息。
- CVE-2025-42611 – Authentication bypass in multiple RouterOS services caused by improper certificate validation - SI CERTthird-party-advisorygovernment-resource
- https://nvd.nist.gov/vuln/detail/CVE-2025-42611
IV. Related Vulnerabilities
Same product: RouterOS
- CVE-2026-7668
MikroTik RouterOS SCEP Endpoint scep.p ASN1_STRING_data out- - CVE-2025-10948
MikroTik RouterOS libjson.so print parse_json_element buffer - CVE-2025-6563
Cross-site scripting via dst parameter in RouterOS WiFi hots - CVE-2025-6443
Mikrotik RouterOS VXLAN Source IP Improper Access Control Vu - CVE-2023-32154
Mikrotik RouterOS RADVD Out-Of-Bounds Write Remote Code Exec
Same vendor: Mikrotik
- CVE-2026-7668
MikroTik RouterOS SCEP Endpoint scep.p ASN1_STRING_data out- - CVE-2025-10948
MikroTik RouterOS libjson.so print parse_json_element buffer - CVE-2025-6563
Cross-site scripting via dst parameter in RouterOS WiFi hots - CVE-2025-6443
Mikrotik RouterOS VXLAN Source IP Improper Access Control Vu - CVE-2023-32154
Mikrotik RouterOS RADVD Out-Of-Bounds Write Remote Code Exec
Same weakness: CWE-295
- CVE-2026-44700
Elixir WebRTC: Missing DTLS peer fingerprint validation in e - CVE-2026-23998
Fleet has a Windows MDM management endpoint authentication b - CVE-2026-32992
cPanel 信任管理问题漏洞 - CVE-2026-44363
Unsafe remote resource fetching in expansion misp-modules - CVE-2026-0248
Prisma Access Agent: Improper Certificate Validation Vulnera
V. Comments for CVE-2025-42611
No comments yet