MikroTik Flaw Exposes Admin Logins Over Plain HTTP
A critical security vulnerability in MikroTik’s RouterOS and SwitchOS platforms, tracked as CVE-2025-61481, has been assigned a maximum CVSS score of 10.0. The MikroTik flaw exposes admin logins through the unencrypted HTTP version of the WebFig interface, enabling unauthenticated attackers to steal credentials and execute arbitrary code remotely. Devices running RouterOS version 7.14.2 and SwitchOS version 2.18 are confirmed to be affected.
The flaw presents a severe risk to organizations using MikroTik hardware, especially those that have not disabled HTTP access or implemented secure configurations. Researchers have emphasized the urgency of mitigating this exposure, which allows threat actors to compromise router management interfaces without user interaction. Because the flaw exposes admin logins over an insecure protocol, it underscores the broader risk of relying on unencrypted administrative access.
Additional related vulnerabilities include CVE-2025-11371, CVE-2025-54253, CVE-2025-27915, and CVE-2023-30799.
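The article's mitigation advice (disable plain-HTTP access and harden the management configuration) can be applied from the RouterOS console. The following is an added configuration example written for this page; it is not from the article, MikroTik, or the researchers, and it assumes a RouterOS v7 device, a management subnet of 192.168.88.0/24 and a certificate name of `webfig-cert` (all placeholder values to adjust for your environment).

```routeros
# Added hardening example (not from the article): move WebFig from plain HTTP to HTTPS only.
# Assumptions: RouterOS v7, admin subnet 192.168.88.0/24, certificate name "webfig-cert".

# 1. Audit which management services are currently enabled and on which ports.
/ip service print

# 2. Create and sign a certificate for WebFig over TLS (a self-signed cert is used here;
#    replace with one issued by your internal CA if you have one).
/certificate add name=webfig-cert common-name=router.example.local \
    key-usage=digital-signature,key-encipherment,tls-server days-valid=365
/certificate sign webfig-cert

# 3. Disable the unencrypted WebFig service (the "www" service on TCP/80) and
#    enable the TLS-protected one, bound to the certificate and restricted to
#    the management subnet so it is not reachable from untrusted networks.
/ip service disable www
/ip service set www-ssl disabled=no certificate=webfig-cert address=192.168.88.0/24

# 4. Disable other cleartext management services while you are at it.
/ip service disable telnet,ftp

# 5. Belt-and-braces: drop inbound TCP/80 to the router itself even if the service
#    is re-enabled later, and keep the rule above any generic accept rules in "input".
/ip firewall filter add chain=input protocol=tcp dst-port=80 action=drop \
    comment="block plain-HTTP WebFig (CVE-2025-61481 mitigation)" place-before=0

# 6. Confirm the result: "www" should show as disabled, "www-ssl" as enabled.
/ip service print
```

After applying this, verify from a management host that the router answers only on the HTTPS port and that plain-HTTP requests to port 80 time out; the firewall rule is intentionally redundant with the service setting so that a later accidental re-enable of `www` does not silently reopen the cleartext login path.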
