Detections
Analytics
MikroTik RouterOS <= 7.20 Authentication Bypass via Improper Certificate Validation (CVE-2025-42611)
medium Nessus Plugin ID 313232
Language:
Synopsis
The remote networking device is affected by an authentication bypass vulnerability.Description
According to its self-reported version, the remote networking device is running a version of MikroTik RouterOS 7.x prior to or equal to 7.20. It is, therefore, affected by an authentication bypass vulnerability caused by improper certificate validation.The vulnerability lies in shared certificate validation logic which uses the system certificate store that is shared and equally trusted by all system services. This causes confusion of scope, allowing any certificate authority present in the system-wide trust store to be trusted in any context, enabling partial or full authentication bypass in CAPsMAN, OpenVPN, Dot1X (802.1X), and potentially other services.
Note that Nessus has not tested for this issue but has instead relied only on the router's self-reported version number.
Solution
Upgrade to MikroTik RouterOS 7.21 or later. After upgrading, manually review and restrict the trust-store scope of all imported certificates.See Also
Plugin Details
Severity: Medium
ID: 313232
File Name: mikrotik_CVE-2025-42611.nasl
Version: 1.2
Type: Remote
Family: Misc.
Published: 5/8/2026
Updated: 5/11/2026
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Low
Score: 3.3
CVSS v2
Risk Factor: Medium
Base Score: 6.4
Temporal Score: 4.7
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N
CVSS Score Source: CVE-2025-42611
CVSS v3
Risk Factor: Medium
Base Score: 6.5
Temporal Score: 5.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
CPE: cpe:/o:mikrotik:routeros
Required KB Items: MikroTik/RouterOS/Version
Exploit Ease: No known exploits are available
Patch Publication Date: 4/10/2026
Vulnerability Publication Date: 4/10/2026
Reference Information
CVE: CVE-2025-42611
CWE: 295
IAVA: 2026-A-0432