Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
routeros vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2022-36522
Mikrotik RouterOs through stable v6.48.3 exists to contain an assertion failure in the component /advanced-tools/nova/bin/netwatch. This vulnerability allows malicious users to cause a Denial of Service (DoS) via a crafted packet.
Mikrotik Routeros
9.8
CVSSv3
CVE-2022-34960
The container package in MikroTik RouterOS 7.4beta4 allows an malicious user to create mount points pointing to symbolic links, which resolve to locations on the host device. This allows the malicious user to mount any arbitrary file to any location on the host.
Mikrotik Routeros 7.4
6.5
CVSSv3
CVE-2021-36613
Mikrotik RouterOs before stable 6.48.2 suffers from a memory corruption vulnerability in the ptp process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference).
Mikrotik Routeros
6.5
CVSSv3
CVE-2021-36614
Mikrotik RouterOs before stable 6.48.2 suffers from a memory corruption vulnerability in the tr069-client process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference).
Mikrotik Routeros
8.1
CVSSv3
CVE-2021-41987
In the SCEP Server of RouterOS in certain Mikrotik products, an attacker can trigger a heap-based buffer overflow that leads to remote code execution. The attacker must know the scep_server_name value. This affects RouterOS 6.46.8, 6.47.9, and 6.47.10.
Mikrotik Routeros 6.47.10
Mikrotik Routeros 6.47.9
Mikrotik Routeros 6.46.8
7.5
CVSSv3
CVE-2020-22844
A buffer overflow in Mikrotik RouterOS 6.47 allows unauthenticated malicious users to cause a denial of service (DOS) via crafted SMB requests.
Mikrotik Routeros 6.47
7.5
CVSSv3
CVE-2020-22845
A buffer overflow in Mikrotik RouterOS 6.47 allows unauthenticated malicious users to cause a denial of service (DOS) via crafted FTP requests.
Mikrotik Routeros 6.47
6.5
CVSSv3
CVE-2020-20219
Mikrotik RouterOs 6.44.6 (long-term tree) suffers from a memory corruption vulnerability in the /nova/bin/igmp-proxy process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference).
Mikrotik Routeros 6.44.6
6.5
CVSSv3
CVE-2020-20262
Mikrotik RouterOs prior to 6.47 (stable tree) suffers from an assertion failure vulnerability in the /ram/pckg/security/nova/bin/ipsec process. An authenticated remote attacker can cause a Denial of Service due to an assertion failure via a crafted packet.
Mikrotik Routeros
6.5
CVSSv3
CVE-2020-20221
Mikrotik RouterOs prior to 6.44.6 (long-term tree) suffers from an uncontrolled resource consumption vulnerability in the /nova/bin/cerm process. An authenticated remote attacker can cause a Denial of Service due to overloading the systems CPU.
Mikrotik Routeros
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3661
open redirect
CVE-2024-25512
CVE-2024-33788
command injection
SSTI
CVE-2024-0043
CVE-2024-29210
CVE-2024-25510
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »