Mikrotik RouterOS prior to 6.44.5 (long-term release tree) is vulnerable to stack exhaustion. By sending a crafted HTTP request, an authenticated remote attacker can crash the HTTP server via recursive parsing of JSON. Malicious code cannot be injected.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mikrotik routeros |
||
mikrotik routeros 6.45 |