Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mikrotik vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2020-20267
Mikrotik RouterOs prior to 6.47 (stable tree) suffers from a memory corruption vulnerability in the /nova/bin/resolver process. An authenticated remote attacker can cause a Denial of Service due to invalid memory access.
Mikrotik Routeros
7.5
CVSSv3
CVE-2020-10364
The SSH daemon on MikroTik routers through v6.44.3 could allow remote malicious users to generate CPU activity, trigger refusal of new authorized connections, and cause a reboot via connect and write system calls, because of uncontrolled resource management.
Mikrotik Routeros
8.8
CVSSv3
CVE-2018-1156
Mikrotik RouterOS prior to 6.42.7 and 6.40.9 is vulnerable to stack buffer overflow through the license upgrade interface. This vulnerability could theoretically allow a remote authenticated attacker execute arbitrary code on the system.
Mikrotik Routeros
1 Article
6.5
CVSSv3
CVE-2018-1159
Mikrotik RouterOS prior to 6.42.7 and 6.40.9 is vulnerable to a memory corruption vulnerability. An authenticated remote attacker can crash the HTTP server by rapidly authenticating and disconnecting.
Mikrotik Routeros
1 Article
5.3
CVSSv3
CVE-2023-41570
MikroTik RouterOS v7.1 to 7.11 exists to contain incorrect access control mechanisms in place for the Rest API.
Mikrotik Routeros
6.5
CVSSv3
CVE-2022-36522
Mikrotik RouterOs through stable v6.48.3 exists to contain an assertion failure in the component /advanced-tools/nova/bin/netwatch. This vulnerability allows malicious users to cause a Denial of Service (DoS) via a crafted packet.
Mikrotik Routeros
8.8
CVSSv3
CVE-2019-3976
RouterOS 6.45.6 Stable, RouterOS 6.44.5 Long-term, and below are vulnerable to an arbitrary directory creation vulnerability via the upgrade package's name field. If an authenticated user installs a malicious package then a directory could be created and the developer shell ...
Mikrotik Routeros
6.5
CVSSv3
CVE-2021-36613
Mikrotik RouterOs before stable 6.48.2 suffers from a memory corruption vulnerability in the ptp process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference).
Mikrotik Routeros
6.1
CVSSv3
CVE-2021-3014
In MikroTik RouterOS through 2021-01-04, the hotspot login page is vulnerable to reflected XSS via the target parameter.
Mikrotik Routeros
6.5
CVSSv3
CVE-2020-20217
Mikrotik RouterOs prior to 6.47 (stable tree) suffers from an uncontrolled resource consumption vulnerability in the /nova/bin/route process. An authenticated remote attacker can cause a Denial of Service due to overloading the systems CPU.
Mikrotik Routeros
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »