I have Mikrotik 6.48 VM Machine it works fine.
When I When I scan my network for Vulnerabilities I get this

TCP timestamps OID: 1.3.6.1.4.1.25623.1.0.80091

I google it but I can not find a solution to remove this Vulnerability.

Can Any one help Please ??

If you are not using SNMP, disable it.
If you use it, Just change the SNMP community and don't use "public". And use v2 or v3 with authentication.

Thanks for your response but SNMP is already disabled on my router

[attachment=0]Mik0.jpg[/attachment]

User Cha0s has answered this question earlier on SO:

https://serverfault.com/questions/88496 ... tik-router

AFAIK you cannot disable this on MikroTik.

The Problem is that Vulnerability Scanners consider TCP timestamps as Vulnerability
So Mikrotik should take this in consideration .

What services is your MikroTik Router providing to the outside (wild wild internet) that you consider this a vulnerability?

For me I do not have problems but for my manager he recommended to remove and vulnerability

MikroTik can respond with timestamps only for the services running on it (winbox, www etc) services which should be accessible only from trusted zones (Management VLAN, allowed IP list etc.).
So fix your security issues first and there won't be any "vulnerability".
For the DSTNATed ports you have take care of the "issue" on the destination machines.

This is not a vulnerability. https://raxis.com/blog/2018/06/04/goodi ... timestamps

Now I get another vulnerability



SSL/TLS: Report 'Anonymous' Cipher Suites OID: 1.3.6.1.4.1.25623.1.0.108147


Any Help

yes, fix it like you've fixed the one above.

I did not fix the first one

This has been discussed before: https://www.reddit.com/r/mikrotik/comme ... _mikrotik/

Disabling/firewalling www-ssl and api-ssl should fix the issue.

If you're concerned about security, you should learn to properly and securely configure (e.g. firewall) the device.

Same advice I gave him above to fix his "tcp timestamps". If he would've done that, both of these "vulnerabilities" wouldn't be an "issue" -- secure your devices or pay someone to do it for you.
But the nut didn't stick to the wall.