Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
routeros vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-6050
The winbox service in MikroTik RouterOS 5.15 and previous versions allows remote malicious users to cause a denial of service (CPU consumption), read the router version, and possibly have other impacts via a request to download the router's DLLs or plugins, as demonstrated b...
Mikrotik Routeros 5.15
1 EDB exploit
7.5
CVSSv3
CVE-2023-24094
An issue in the bridge2 component of MikroTik RouterOS v6.40.5 allows malicious users to cause a Denial of Service (DoS) via crafted packets.
Mikrotik Routeros 6.40.5
6.5
CVSSv3
CVE-2020-20211
Mikrotik RouterOs 6.44.5 (long-term tree) suffers from an assertion failure vulnerability in the /nova/bin/console process. An authenticated remote attacker can cause a Denial of Service due to an assertion failure via a crafted packet.
Mikrotik Routeros 6.44.5
6.5
CVSSv3
CVE-2020-20212
Mikrotik RouterOs 6.44.5 (long-term tree) suffers from a memory corruption vulnerability in the /nova/bin/console process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference).
Mikrotik Routeros 6.44.5
6.5
CVSSv3
CVE-2020-20214
Mikrotik RouterOs 6.44.6 (long-term tree) suffers from an assertion failure vulnerability in the btest process. An authenticated remote attacker can cause a Denial of Service due to an assertion failure via a crafted packet.
Mikrotik Routeros 6.44.6
1 Github repository
6.5
CVSSv3
CVE-2020-20227
Mikrotik RouterOs stable 6.47 suffers from a memory corruption vulnerability in the /nova/bin/diskd process. An authenticated remote attacker can cause a Denial of Service due to invalid memory access.
Mikrotik Routeros 6.47
6.5
CVSSv3
CVE-2020-20237
Mikrotik RouterOs 6.46.3 (stable tree) suffers from a memory corruption vulnerability in the /nova/bin/sniffer process. An authenticated remote attacker can cause a Denial of Service due to improper memory access.
Mikrotik Routeros 6.46.3
8.1
CVSSv3
CVE-2021-27221
MikroTik RouterOS 6.47.9 allows remote authenticated ftp users to create or overwrite arbitrary .rsc files via the /export command. NOTE: the vendor's position is that this is intended behavior because of how user policies work
Mikrotik Routeros 6.47.9
3.7
CVSSv3
CVE-2019-3981
MikroTik Winbox 3.20 and below is vulnerable to man in the middle attacks. A man in the middle can downgrade the client's authentication protocol and recover the user's username and MD5 hashed password.
Mikrotik Winbox
Mikrotik Routeros
NA
CVE-2018-74453
A buffer overflow was found in the MikroTik RouterOS SMB service when processing NetBIOS session request messages. Remote attackers with access to the service can exploit this vulnerability and gain code execution on the system. The overflow occurs before authentication takes pla...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
NEXT »