Mikrotik

Routeros

85 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.1

CVE-2021-41987

Exploit
  • EPSS 49.62%
  • Veröffentlicht 16.03.2022 15:15:14
  • Zuletzt bearbeitet 21.11.2024 06:27:01

In the SCEP Server of RouterOS in certain Mikrotik products, an attacker can trigger a heap-based buffer overflow that leads to remote code execution. The attacker must know the scep_server_name value. This affects RouterOS 6.46.8, 6.47.9, and 6.47.1...

7.8

CVE-2020-22845

  • EPSS 1.2%
  • Veröffentlicht 28.02.2022 19:15:08
  • Zuletzt bearbeitet 21.11.2024 05:13:26

A buffer overflow in Mikrotik RouterOS 6.47 allows unauthenticated attackers to cause a denial of service (DOS) via crafted FTP requests.

7.5

CVE-2020-22844

  • EPSS 1.16%
  • Veröffentlicht 28.02.2022 19:15:08
  • Zuletzt bearbeitet 21.11.2024 05:13:26

A buffer overflow in Mikrotik RouterOS 6.47 allows unauthenticated attackers to cause a denial of service (DOS) via crafted SMB requests.

6.5

CVE-2020-20262

Exploit
  • EPSS 0.35%
  • Veröffentlicht 21.07.2021 15:15:12
  • Zuletzt bearbeitet 21.11.2024 05:11:58

Mikrotik RouterOs before 6.47 (stable tree) suffers from an assertion failure vulnerability in the /ram/pckg/security/nova/bin/ipsec process. An authenticated remote attacker can cause a Denial of Service due to an assertion failure via a crafted pac...

6.8

CVE-2020-20221

Exploit
  • EPSS 1.11%
  • Veröffentlicht 21.07.2021 15:15:12
  • Zuletzt bearbeitet 21.11.2024 05:11:55

Mikrotik RouterOs before 6.44.6 (long-term tree) suffers from an uncontrolled resource consumption vulnerability in the /nova/bin/cerm process. An authenticated remote attacker can cause a Denial of Service due to overloading the systems CPU.

6.5

CVE-2020-20219

Exploit
  • EPSS 1.11%
  • Veröffentlicht 21.07.2021 15:15:12
  • Zuletzt bearbeitet 21.11.2024 05:11:55

Mikrotik RouterOs 6.44.6 (long-term tree) suffers from a memory corruption vulnerability in the /nova/bin/igmp-proxy process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference).

6.5

CVE-2020-20249

Exploit
  • EPSS 0.31%
  • Veröffentlicht 19.07.2021 18:15:08
  • Zuletzt bearbeitet 21.11.2024 05:11:57

Mikrotik RouterOs before stable 6.47 suffers from a memory corruption vulnerability in the resolver process. By sending a crafted packet, an authenticated remote attacker can cause a Denial of Service.

6.5

CVE-2020-20248

Exploit
  • EPSS 0.88%
  • Veröffentlicht 19.07.2021 18:15:08
  • Zuletzt bearbeitet 21.11.2024 05:11:57

Mikrotik RouterOs before stable 6.47 suffers from an uncontrolled resource consumption in the memtest process. An authenticated remote attacker can cause a Denial of Service due to overloading the systems CPU.

6.5

CVE-2020-20230

Exploit
  • EPSS 1.22%
  • Veröffentlicht 19.07.2021 17:15:10
  • Zuletzt bearbeitet 21.11.2024 05:11:56

Mikrotik RouterOs before stable 6.47 suffers from an uncontrolled resource consumption in the sshd process. An authenticated remote attacker can cause a Denial of Service due to overloading the systems CPU.

6.5

CVE-2020-20231

Exploit
  • EPSS 0.73%
  • Veröffentlicht 14.07.2021 14:15:08
  • Zuletzt bearbeitet 21.11.2024 05:11:56

Mikrotik RouterOs through stable version 6.48.3 suffers from a memory corruption vulnerability in the /nova/bin/detnet process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference).