Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mikrotik vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2019-16160
An integer underflow in the SMB server of MikroTik RouterOS prior to 6.45.5 allows remote unauthenticated malicious users to crash the service.
Mikrotik Routeros
445
VMScore
CVE-2020-11881
An array index error in MikroTik RouterOS 6.41.3 up to and including 6.46.5, and 7.x up to and including 7.0 Beta5, allows an unauthenticated remote malicious user to crash the SMB server via modified setup-request packets, aka SUP-12964.
Mikrotik Routeros
Mikrotik Routeros 7.0
1 Github repository
668
VMScore
CVE-2020-13118
An issue exists in Mikrotik-Router-Monitoring-System through 2018-10-22. SQL Injection exists in check_community.php via the parameter community.
Mikrotik-router-monitoring-system Project Mikrotik-router-monitoring-system
187
VMScore
CVE-2020-5721
MikroTik WinBox 3.22 and below stores the user's cleartext password in the settings.cfg.viw configuration file when the Keep Password field is set and no Master Password is set. Keep Password is set by default and, by default Master Password is not set. An attacker with acce...
Mikrotik Winbox
694
VMScore
CVE-2020-10364
The SSH daemon on MikroTik routers through v6.44.3 could allow remote malicious users to generate CPU activity, trigger refusal of new authorized connections, and cause a reboot via connect and write system calls, because of uncontrolled resource management.
Mikrotik Routeros
632
VMScore
CVE-2018-5951
An issue exists in Mikrotik RouterOS. Crafting a packet that has a size of 1 byte and sending it to an IPv6 address of a RouterOS box with IP Protocol 97 will cause RouterOS to reboot imminently. All versions of RouterOS that supports EoIPv6 are vulnerable to this attack.
Mikrotik Routeros
1 Github repository
383
VMScore
CVE-2020-5720
MikroTik WinBox prior to 3.21 is vulnerable to a path traversal vulnerability that allows creation of arbitrary files wherevere WinBox has write permissions. WinBox is vulnerable to this attack if it connects to a malicious endpoint or if an attacker mounts a man in the middle at...
Mikrotik Winbox
383
VMScore
CVE-2019-3981
MikroTik Winbox 3.20 and below is vulnerable to man in the middle attacks. A man in the middle can downgrade the client's authentication protocol and recover the user's username and MD5 hashed password.
Mikrotik Routeros
Mikrotik Winbox
756
VMScore
CVE-2019-3977
RouterOS 6.45.6 Stable, RouterOS 6.44.5 Long-term, and below insufficiently validate where upgrade packages are download from when using the autoupgrade feature. Therefore, a remote attacker can trick the router into "upgrading" to an older version of RouterOS and possi...
Mikrotik Routeros
505
VMScore
CVE-2019-3978
RouterOS versions 6.45.6 Stable, 6.44.5 Long-term, and below allow remote unauthenticated malicious users to trigger DNS queries via port 8291. The queries are sent from the router to a server of the attacker's choice. The DNS responses are cached by the router, potentially ...
Mikrotik Routeros
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »