Medium severity5.9NVD Advisory· Published Feb 27, 2017· Updated Jun 17, 2026
CVE-2017-6297
CVE-2017-6297
Description
The L2TP Client in MikroTik RouterOS versions 6.83.3 and 6.37.4 does not enable IPsec encryption after a reboot, which allows man-in-the-middle attackers to view transmitted data unencrypted and gain access to networks on the L2TP server by monitoring the packets for the transmitted data and obtaining the L2TP secret.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3Patches
Vulnerability mechanics
References
2- blog.milne.it/2017/02/24/mikrotik-routeros-security-vulnerability-l2tp-tunnel-unencrypted-cve-2017-6297/nvdExploitThird Party Advisory
- www.securityfocus.com/bid/96447nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.