CVE-2025-10948 | MikroTik RouterOS 7 libjson.so /rest/ip/address/print parse_json_element buffer overflow

Inserito da Angelo Barbosa | Set 25, 2025 | CVE

A vulnerability identified as critical has been detected in MikroTik RouterOS 7. This affects the function parse_json_element of the file /rest/ip/address/print of the component libjson.so. The manipulation leads to buffer overflow.

This vulnerability is uniquely identified as CVE-2025-10948. The attack is possible to be carried out remotely. Moreover, an exploit is present.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-10948 | MikroTik RouterOS 7 libjson.so /rest/ip/address/print parse_json_element buffer overflow

Post correlati

CVE-2023-51694 | Epiphyt Embed Privacy Plugin up to 1.8.0 on WordPress cross site scripting

CVE-2025-2113 | AT Software Solutions ATSVD up to 3.4.1 Esqueceu a senha txtCPF sql injection

CVE-2023-40223 | Philips Vue PACS prior 12.2.8.410 Actor privileges management (icsma-24-200-01)

CVE-2024-6148 | Citrix Workspace App Global App Configuration Service default permission (CTX678037)