Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mikrotik vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2020-20220
Mikrotik RouterOs prior to stable 6.47 suffers from a memory corruption vulnerability in the /nova/bin/bfd process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference).
Mikrotik Routeros
4
CVSSv2
CVE-2020-20225
Mikrotik RouterOs prior to 6.47 (stable tree) suffers from an assertion failure vulnerability in the /nova/bin/user process. An authenticated remote attacker can cause a Denial of Service due to an assertion failure via a crafted packet.
Mikrotik Routeros
4
CVSSv2
CVE-2020-20230
Mikrotik RouterOs before stable 6.47 suffers from an uncontrolled resource consumption in the sshd process. An authenticated remote attacker can cause a Denial of Service due to overloading the systems CPU.
Mikrotik Routeros
4
CVSSv2
CVE-2020-20247
Mikrotik RouterOs prior to 6.46.5 (stable tree) suffers from a memory corruption vulnerability in the /nova/bin/traceroute process. An authenticated remote attacker can cause a Denial of Service due via the loop counter variable.
Mikrotik Routeros
4
CVSSv2
CVE-2020-20254
Mikrotik RouterOs prior to 6.47 (stable tree) suffers from a memory corruption vulnerability in the /nova/bin/lcdstat process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference).
Mikrotik Routeros
4
CVSSv2
CVE-2020-20264
Mikrotik RouterOs prior to 6.47 (stable tree) in the /ram/pckg/advanced-tools/nova/bin/netwatch process. An authenticated remote attacker can cause a Denial of Service due to a divide by zero error.
Mikrotik Routeros
4
CVSSv2
CVE-2020-20266
Mikrotik RouterOs prior to 6.47 (stable tree) suffers from a memory corruption vulnerability in the /nova/bin/dot1x process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference).
Mikrotik Routeros
4.3
CVSSv2
CVE-2020-5720
MikroTik WinBox prior to 3.21 is vulnerable to a path traversal vulnerability that allows creation of arbitrary files wherevere WinBox has write permissions. WinBox is vulnerable to this attack if it connects to a malicious endpoint or if an attacker mounts a man in the middle at...
Mikrotik Winbox
2.1
CVSSv2
CVE-2020-5721
MikroTik WinBox 3.22 and below stores the user's cleartext password in the settings.cfg.viw configuration file when the Keep Password field is set and no Master Password is set. Keep Password is set by default and, by default Master Password is not set. An attacker with acce...
Mikrotik Winbox
6.8
CVSSv2
CVE-2015-2350
Cross-site request forgery (CSRF) vulnerability in MikroTik RouterOS 5.0 and previous versions allows remote malicious users to hijack the authentication of administrators for requests that change the administrator password via a request in the status page to /cfg.
Mikrotik Routeros
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »