Every CVE whose affected-product data names Mikrotik Winbox, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2020-5720 — CVSS 5.9 (medium): MikroTik WinBox before 3.21 is vulnerable to a path traversal vulnerability that allows creation of arbitrary files wherevere WinBox has…
CVE-2020-5721 — CVSS 5.5 (medium): MikroTik WinBox 3.22 and below stores the user's cleartext password in the settings.cfg.viw configuration file when the Keep Password field…
CVE-2019-3981 — CVSS 3.7 (low): MikroTik Winbox 3.20 and below is vulnerable to man in the middle attacks. A man in the middle can downgrade the client's authentication…