CVE-2021-27221 - Mikrotik Routeros
Critical 8.1
** DISPUTED ** MikroTik RouterOS 6.47.9 allows remote authenticated ftp users to create or overwrite arbitrary .rsc files via the /export command. NOTE: the vendor's position is that this is intended behavior because of how user policies work.
Affected software
Mikrotik Routeros