RouterOS provides various services that rely on correct...
Moderate severity
Unreviewed
Published
May 5, 2026
to the GitHub Advisory Database
•
Updated May 5, 2026
Description
Published by the National Vulnerability Database
May 5, 2026
Published to the GitHub Advisory Database
May 5, 2026
Last updated
May 5, 2026
RouterOS provides various services that rely on correct
verification of client and server certificates to secure confidentiality and
integrity of communications. This includes OpenVPN, CAPsMAN, Dot1x (802.1X),
among others.
The vulnerability lies in shared certificate validation
logic which uses the system certificate store that is shared and equally
trusted by all system services. This causes confusion of scope, allowing any
certificate authority present in the system-wide trust store to be trusted in
any context (with some exceptions), allowing partial or full authentication
bypass in CAPsMAN, OpenVPN, Dot1X and potentially others.
References