CVE-2018-10070

Published: 16/04/2018 Updated: 22/05/2018
CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 785
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Summary

A vulnerability in MikroTik Version 6.41.4 could allow an unauthenticated remote malicious user to exhaust all available CPU and all available RAM by sending a crafted FTP request on port 21 that begins with many '\0' characters, preventing the affected router from accepting new FTP connections. The router will reboot after 10 minutes, logging a "router was rebooted without proper shutdown" message.

Vulnerable Product

mikrotik router_firmware 6.41.4

Exploits

################
#Title: MikroTik 6.41.4 Denial of service FTP daemon crash
#CVE: CVE-2018-10070
#CWE: CWE-400
#Exploit Author: Hosein Askari (FarazPajohan)
#Vendor HomePage: mikrotik.com/
#Version : 6.41.4 (Released 2018-Apr-05) | All Version
#Date: 13-05-2018
#Category: Network Appliance
#Description: A vulnerability in MikroTik Version 6 ...

MikroTik version 6.41.4 ftp daemon denial of service proof of concept exploit ...