Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
routeros vulnerabilities and exploits
(subscribe to this query)
6.4
CVSSv2
CVE-2018-14847
MikroTik RouterOS up to and including 6.42 allows unauthenticated remote malicious users to read arbitrary files and remote authenticated malicious users to write arbitrary files due to a directory traversal vulnerability in the WinBox interface.
Mikrotik Routeros
1 EDB exploit
43 Github repositories
4 Articles
4
CVSSv2
CVE-2021-36614
Mikrotik RouterOs before stable 6.48.2 suffers from a memory corruption vulnerability in the tr069-client process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference).
Mikrotik Routeros
7.1
CVSSv2
CVE-2018-5951
An issue exists in Mikrotik RouterOS. Crafting a packet that has a size of 1 byte and sending it to an IPv6 address of a RouterOS box with IP Protocol 97 will cause RouterOS to reboot imminently. All versions of RouterOS that supports EoIPv6 are vulnerable to this attack.
Mikrotik Routeros
1 Github repository
7.8
CVSSv2
CVE-2019-13074
A vulnerability in the FTP daemon on MikroTik routers up to and including 6.44.3 could allow remote malicious users to exhaust all available memory, causing the device to reboot because of uncontrolled resource management.
Mikrotik Routeros
NA
CVE-2022-36522
Mikrotik RouterOs through stable v6.48.3 exists to contain an assertion failure in the component /advanced-tools/nova/bin/netwatch. This vulnerability allows malicious users to cause a Denial of Service (DoS) via a crafted packet.
Mikrotik Routeros
6.8
CVSSv2
CVE-2015-2350
Cross-site request forgery (CSRF) vulnerability in MikroTik RouterOS 5.0 and previous versions allows remote malicious users to hijack the authentication of administrators for requests that change the administrator password via a request in the status page to /cfg.
Mikrotik Routeros
9
CVSSv2
CVE-2018-1156
Mikrotik RouterOS prior to 6.42.7 and 6.40.9 is vulnerable to stack buffer overflow through the license upgrade interface. This vulnerability could theoretically allow a remote authenticated attacker execute arbitrary code on the system.
Mikrotik Routeros
1 Article
NA
CVE-2022-45313
Mikrotik RouterOs before stable v7.5 exists to contain an out-of-bounds read in the hotspot process. This vulnerability allows malicious users to execute arbitrary code via a crafted nova message.
Mikrotik Routeros
NA
CVE-2022-45315
Mikrotik RouterOs before stable v7.6 exists to contain an out-of-bounds read in the snmp process. This vulnerability allows malicious users to execute arbitrary code via a crafted packet.
Mikrotik Routeros
5
CVSSv2
CVE-2019-16160
An integer underflow in the SMB server of MikroTik RouterOS prior to 6.45.5 allows remote unauthenticated malicious users to crash the service.
Mikrotik Routeros
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »