Security Advisory

CVE-2017-6297

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2017-02-27 07:25:00

Last updated 2024-08-05 15:25:48

Assigner mitre

State PUBLISHED

Description

The L2TP Client in MikroTik RouterOS versions 6.83.3 and 6.37.4 does not enable IPsec encryption after a reboot, which allows man-in-the-middle attackers to view transmitted data unencrypted and gain access to networks on the L2TP server by monitoring the packets for the transmitted data and obtaining the L2TP secret.

← Browse all CVEs View on cve.org ↗