CVE-2019-3981 - Mikrotik Routeros and Mikrotik Winbox
Low 3.7
MikroTik Winbox 3.20 and below is vulnerable to man in the middle attacks. A man in the middle can downgrade the client's authentication protocol and recover the user's username and MD5 hashed password.
Affected software
Mikrotik Routeros
Mikrotik Winbox