Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
routeros vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2023-41570
MikroTik RouterOS v7.1 to 7.11 exists to contain incorrect access control mechanisms in place for the Rest API.
Mikrotik Routeros
7.5
CVSSv3
CVE-2019-3979
RouterOS versions 6.45.6 Stable, 6.44.5 Long-term, and below are vulnerable to a DNS unrelated data attack. The router adds all A records to its DNS cache even when the records are unrelated to the domain that was queried. Therefore, a remote attacker controlled DNS server can po...
Mikrotik Routeros
9.1
CVSSv3
CVE-2018-14847
MikroTik RouterOS up to and including 6.42 allows unauthenticated remote malicious users to read arbitrary files and remote authenticated malicious users to write arbitrary files due to a directory traversal vulnerability in the WinBox interface.
Mikrotik Routeros
1 EDB exploit
43 Github repositories
4 Articles
7.5
CVSSv3
CVE-2020-20021
An issue discovered in MikroTik Router v6.46.3 and previous versions allows malicious user to cause denial of service via misconfiguration in the SSH daemon.
Mikrotik Routeros
6.5
CVSSv3
CVE-2020-20262
Mikrotik RouterOs prior to 6.47 (stable tree) suffers from an assertion failure vulnerability in the /ram/pckg/security/nova/bin/ipsec process. An authenticated remote attacker can cause a Denial of Service due to an assertion failure via a crafted packet.
Mikrotik Routeros
6.5
CVSSv3
CVE-2020-20267
Mikrotik RouterOs prior to 6.47 (stable tree) suffers from a memory corruption vulnerability in the /nova/bin/resolver process. An authenticated remote attacker can cause a Denial of Service due to invalid memory access.
Mikrotik Routeros
7.5
CVSSv3
CVE-2019-13074
A vulnerability in the FTP daemon on MikroTik routers up to and including 6.44.3 could allow remote malicious users to exhaust all available memory, causing the device to reboot because of uncontrolled resource management.
Mikrotik Routeros
6.5
CVSSv3
CVE-2022-36522
Mikrotik RouterOs through stable v6.48.3 exists to contain an assertion failure in the component /advanced-tools/nova/bin/netwatch. This vulnerability allows malicious users to cause a Denial of Service (DoS) via a crafted packet.
Mikrotik Routeros
6.5
CVSSv3
CVE-2019-15055
MikroTik RouterOS up to and including 6.44.5 and 6.45.x up to and including 6.45.3 improperly handles the disk name, which allows authenticated users to delete arbitrary files. Attackers can exploit this vulnerability to reset credential storage, which allows them access to the m...
Mikrotik Routeros
7.5
CVSSv3
CVE-2019-16160
An integer underflow in the SMB server of MikroTik RouterOS prior to 6.45.5 allows remote unauthenticated malicious users to crash the service.
Mikrotik Routeros
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »