Vendor
MikroTik RouterOS 6.49.8 is vulnerable to an out-of-bounds read in the SCEP endpoint component, triggered by remote manipulation of the transactionID/messageType argument, potentially leading to denial of service or information disclosure.