VYPR
Unrated severityNVD Advisory· Published Mar 19, 2015· Updated Jun 17, 2026

CVE-2015-2350

CVE-2015-2350

Description

Cross-site request forgery (CSRF) vulnerability in MikroTik RouterOS 5.0 and earlier allows remote attackers to hijack the authentication of administrators for requests that change the administrator password via a request in the status page to /cfg.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Mikrotik/Routeros2 versions
    cpe:2.3:o:mikrotik:routeros:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:mikrotik:routeros:*:*:*:*:*:*:*:*range: <=5.0
    • (no CPE)range: <=5.0

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.