Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
routeros vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2020-20264
Mikrotik RouterOs prior to 6.47 (stable tree) in the /ram/pckg/advanced-tools/nova/bin/netwatch process. An authenticated remote attacker can cause a Denial of Service due to a divide by zero error.
Mikrotik Routeros
5.3
CVSSv3
CVE-2023-41570
MikroTik RouterOS v7.1 to 7.11 exists to contain incorrect access control mechanisms in place for the Rest API.
Mikrotik Routeros
7.5
CVSSv3
CVE-2020-10364
The SSH daemon on MikroTik routers through v6.44.3 could allow remote malicious users to generate CPU activity, trigger refusal of new authorized connections, and cause a reboot via connect and write system calls, because of uncontrolled resource management.
Mikrotik Routeros
7.5
CVSSv3
CVE-2017-6444
The MikroTik Router hAP Lite 6.25 has no protection mechanism for unsolicited TCP ACK packets in the case of a fast network connection, which allows remote malicious users to cause a denial of service (CPU consumption) by sending many ACK packets. After the attacker stops the exp...
Mikrotik Routeros 6.25
1 EDB exploit
6.5
CVSSv3
CVE-2020-20213
Mikrotik RouterOs 6.44.5 (long-term tree) suffers from an stack exhaustion vulnerability in the /nova/bin/net process. An authenticated remote attacker can cause a Denial of Service due to overloading the systems CPU.
Mikrotik Routeros 6.44.5
6.5
CVSSv3
CVE-2020-20215
Mikrotik RouterOs 6.44.6 (long-term tree) suffers from a memory corruption vulnerability in the /nova/bin/diskd process. An authenticated remote attacker can cause a Denial of Service due to invalid memory access.
Mikrotik Routeros 6.44.6
6.5
CVSSv3
CVE-2020-20216
Mikrotik RouterOs 6.44.6 (long-term tree) suffers from a memory corruption vulnerability in the /nova/bin/graphing process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference).
Mikrotik Routeros 6.44.6
6.5
CVSSv3
CVE-2020-20219
Mikrotik RouterOs 6.44.6 (long-term tree) suffers from a memory corruption vulnerability in the /nova/bin/igmp-proxy process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference).
Mikrotik Routeros 6.44.6
7.5
CVSSv3
CVE-2017-7285
A vulnerability in the network stack of MikroTik Version 6.38.5 released 2017-03-09 could allow an unauthenticated remote malicious user to exhaust all available CPU via a flood of TCP RST packets, preventing the affected router from accepting new TCP connections.
Mikrotik Routeros 6.38.5
1 EDB exploit
9.8
CVSSv3
CVE-2022-34960
The container package in MikroTik RouterOS 7.4beta4 allows an malicious user to create mount points pointing to symbolic links, which resolve to locations on the host device. This allows the malicious user to mount any arbitrary file to any location on the host.
Mikrotik Routeros 7.4
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »