Mikrotik Routeros Authentication Bypass Vulnerability 'link'

A critical legacy vulnerability that allowed unauthenticated remote attackers to read arbitrary files , including the user database containing plain-text credentials. This flaw was widely exploited to build massive botnets.

Perhaps the most infamous, this path traversal flaw allowed attackers to bypass authentication and read arbitrary files, including the user database. By modifying a single byte in a session ID, attackers could steal administrator credentials or even gain a root shell. mikrotik routeros authentication bypass vulnerability

A 2025 discovery involving improper access control in VXLAN traffic that allows remote attackers to bypass restrictions without authentication. Impact on Lifestyle and Entertainment mikrotik routeros authentication bypass vulnerability