In beginning of May 2021, a security research group from Belgium published a set of vulnerabilities they call “Frag Attacks” (from Fragmentation Attack), which affect all modern security protocols of Wi-Fi. Not all the published issues affect MikroTik products, but those that were found to be potentially affecting RouterOS, have been fixed in all currently released RouterOS versions.

The affected vulnerabilities are: CVE-2020-24587, CVE-2020-24588, CVE-2020-26144, CVE-2020-26146, CVE-2020-26147.

All fixes are published already, in the following versions:

  • v6.47.10 [long-term]
  • v6.48.3 [stable]
  • v7.1beta6 [beta]