CVE-2025-10948 | MikroTik RouterOS 7 libjson.so /rest/ip/address/print parse_json_element buffer overflow (EUVD-2025-31088)
A vulnerability identified as critical has been detected in MikroTik RouterOS 7. This affects the function parse_json_element of the file /rest/ip/address/print of the component libjson.so. The manipulation leads to buffer overflow.
This vulnerability is uniquely identified as CVE-2025-10948. The attack is possible to be carried out remotely. Moreover, an exploit is present.
You should upgrade the affected component.
The vendor replied: "Our bug tracker reports that your issue has been fixed. This means that we plan to release a RouterOS update with this fix. Make sure to upgrade to the next release when it comes out."