Vulnerabilities > Mikrotik > Winbox > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-15 | CVE-2020-5721 | Insufficiently Protected Credentials vulnerability in Mikrotik Winbox MikroTik WinBox 3.22 and below stores the user's cleartext password in the settings.cfg.viw configuration file when the Keep Password field is set and no Master Password is set. | 5.5 |
| 2020-02-06 | CVE-2020-5720 | Path Traversal vulnerability in Mikrotik Winbox 3.18/3.20 MikroTik WinBox before 3.21 is vulnerable to a path traversal vulnerability that allows creation of arbitrary files wherevere WinBox has write permissions. | 5.9 |