CVE-2025-61481

Published Oct 27, 2025

Last updated 8 hours ago

Overview

AI description

Automated description summarized from trusted sources.

CVE-2025-61481 affects MikroTik RouterOS (v7.14.2) and SwitchOS (v2.18). It allows a remote attacker to execute arbitrary code or intercept credentials via the HTTP-only WebFig management component. The WebFig management interface is initialized with HTTP enabled by default, without automatic redirection to HTTPS. To exploit this vulnerability, an attacker needs network-level access, such as connecting to the same LAN or Wi-Fi network as the targeted device. No authentication is required to capture credentials during the administrator's login. An attacker could harvest credentials and inject malicious configurations or firmware.

Description
An issue in MikroTik RouterOS v.7.14.2 and SwitchOS v.2.18 allows a remote attacker to execute arbitrary code via the HTTP-only WebFig management component.
Source
cve@mitre.org
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Secondary
Base score
10
Impact score
6
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L
Severity
CRITICAL

Weaknesses

134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE-200

Social media

Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.

Hype score

29

  1. 🚨 CVE-2025-61481 (CVSS 10.0) : Critical MikroTik Flaw Exposes Router Admin Credentials Over Unencrypted HTTP WebFig. It affects RouterOS v.7.14.2 and SwitchOS v.2.18. 👇Dork: HUNTER : https://t.co/G5LwnS1NbE="MikroTik RouterOS"||https://t.co/G5LwnS1NbE="MikroTik SwOS" https

    @HackingTeam777

    30 Oct 2025

    972 Impressions

    2 Retweets

    19 Likes

    11 Bookmarks

    1 Reply

    0 Quotes

  2. ⚠️⚠️ CVE-2025-61481: Critical 10.0/10 Flaw in MikroTik RouterOS/SwOS WebFig — enables admin credential interception and potential takeover 🎯4.3m+ Results are found on the https://t.co/pb16tGXCUG nearly year. 🔗FOFA Link: https://t.co/LYDuAu0bz1 FOFA Query: https://

    @fofabot

    29 Oct 2025

    1693 Impressions

    8 Retweets

    21 Likes

    10 Bookmarks

    0 Replies

    0 Quotes

  3. 🚨Alert🚨 CVE-2025-61481 (CVSS 10.0) : Critical MikroTik Flaw Exposes Router Admin Credentials Over Unencrypted HTTP WebFig. It affects RouterOS v.7.14.2 and SwitchOS v.2.18. 📊11.4M+ Services are found on the https://t.co/ysWb28BTvF yearly. 🔗Hunter Link:https://t.co/5Fb

    @HunterMapping

    29 Oct 2025

    10124 Impressions

    39 Retweets

    126 Likes

    74 Bookmarks

    0 Replies

    2 Quotes

  4. CVSS 10.0 MikroTik Flaw (CVE-2025-61481) Broadcasts Your Admin Password. Here's the Emergency Fix. Read the full report on - https://t.co/m3tYanRPtM https://t.co/KEcdgXmpRZ

    @Iambivash007

    29 Oct 2025

    21 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. 🚨Alert🚨 CVE-2025-61481 (CVSS 10.0) : Critical MikroTik Flaw Exposes Router Admin Credentials Over Unencrypted HTTP WebFig. It affects RouterOS v.7.14.2 and SwitchOS v.2.18. 📊11.4M+ Services are found on the https://t.co/ysWb28BTvF yearly. 🔗Hunter Link:https://t.co/5Fb

    @HunterMapping

    29 Oct 2025

    216 Impressions

    0 Retweets

    2 Likes

    3 Bookmarks

    0 Replies

    0 Quotes

  6. 🚨Alert🚨 CVE-2025-61481 (CVSS 10.0) : Critical MikroTik Flaw Exposes Router Admin Credentials Over Unencrypted HTTP WebFig. It affects RouterOS v.7.14.2 and SwitchOS v.2.18. 📊11.4M+ Services are found on the https://t.co/ysWb28BTvF yearly. 🔗Hunter Link:https://t.co/5Fb

    @HunterMapping

    29 Oct 2025

    49 Impressions

    0 Retweets

    0 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  7. 🚨Alert🚨 CVE-2025-61481 (CVSS 10.0) : Critical MikroTik Flaw Exposes Router Admin Credentials Over Unencrypted HTTP https://t.co/kaHLRwC1Vp affects RouterOS v.7.14.2 and SwitchOS v.2.18. 📊11.4M+ Services are found on the https://t.co/ysWb28BTvF yearly. 🔗Hunter https://

    @HunterMapping

    29 Oct 2025

    59 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  8. 🚨🚨CVE-2025-61481 (CVSS 10.0): A critical flaw in MikroTik RouterOS/SwOS exposes the WebFig interface over unencrypted HTTP, enabling remote credential theft via MitM attacks. 🔥PoC: https://t.co/3eDOlxa3BI Search by vul.cve Filter👉vul.cve="CVE-2025-61481" ZoomEye http

    @zoomeye_team

    29 Oct 2025

    7282 Impressions

    22 Retweets

    70 Likes

    37 Bookmarks

    2 Replies

    1 Quote

  9. Great 🙄 🟥 CVE-2025-61481, CVSS: 10.0 (#Critical) MikroTik RouterOS version 7.14.2 and SwitchOS version 2.18, MikroTik. Vulnerability allows remote code execution via the HTTP-only WebFig management component. The potential impact is severe, as attackers can execute http

    @UjlakiMarci

    27 Oct 2025

    157 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    3 Replies

    1 Quote

  10. CVE-2025-61481 An issue in MikroTik RouterOS v.7.14.2 and SwitchOS v.2.18 allows a remote attacker to execute arbitrary code via the HTTP- only WebFig management component https://t.co/B44GSv2hlg

    @CVEnew

    27 Oct 2025

    281 Impressions

    0 Retweets

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes