Mikrotik

Routeros

88 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2022-34960

Exploit
  • EPSS 1.14%
  • Veröffentlicht 25.08.2022 02:15:19
  • Zuletzt bearbeitet 21.11.2024 07:10:28

The container package in MikroTik RouterOS 7.4beta4 allows an attacker to create mount points pointing to symbolic links, which resolve to locations on the host device. This allows the attacker to mount any arbitrary file to any location on the host.

6.5

CVE-2021-36614

Exploit
  • EPSS 2.09%
  • Veröffentlicht 11.05.2022 18:15:22
  • Zuletzt bearbeitet 21.11.2024 06:13:52

Mikrotik RouterOs before stable 6.48.2 suffers from a memory corruption vulnerability in the tr069-client process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference).

6.5

CVE-2021-36613

Exploit
  • EPSS 2.09%
  • Veröffentlicht 11.05.2022 18:15:22
  • Zuletzt bearbeitet 21.11.2024 06:13:52

Mikrotik RouterOs before stable 6.48.2 suffers from a memory corruption vulnerability in the ptp process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference).

8.1

CVE-2021-41987

Exploit
  • EPSS 16.23%
  • Veröffentlicht 16.03.2022 15:15:14
  • Zuletzt bearbeitet 21.11.2024 06:27:01

In the SCEP Server of RouterOS in certain Mikrotik products, an attacker can trigger a heap-based buffer overflow that leads to remote code execution. The attacker must know the scep_server_name value. This affects RouterOS 6.46.8, 6.47.9, and 6.47.1...

7.8

CVE-2020-22845

  • EPSS 1.2%
  • Veröffentlicht 28.02.2022 19:15:08
  • Zuletzt bearbeitet 21.11.2024 05:13:26

A buffer overflow in Mikrotik RouterOS 6.47 allows unauthenticated attackers to cause a denial of service (DOS) via crafted FTP requests.

7.5

CVE-2020-22844

  • EPSS 1.19%
  • Veröffentlicht 28.02.2022 19:15:08
  • Zuletzt bearbeitet 21.11.2024 05:13:26

A buffer overflow in Mikrotik RouterOS 6.47 allows unauthenticated attackers to cause a denial of service (DOS) via crafted SMB requests.

6.5

CVE-2020-20262

Exploit
  • EPSS 2.14%
  • Veröffentlicht 21.07.2021 15:15:12
  • Zuletzt bearbeitet 21.11.2024 05:11:58

Mikrotik RouterOs before 6.47 (stable tree) suffers from an assertion failure vulnerability in the /ram/pckg/security/nova/bin/ipsec process. An authenticated remote attacker can cause a Denial of Service due to an assertion failure via a crafted pac...

6.8

CVE-2020-20221

Exploit
  • EPSS 2.91%
  • Veröffentlicht 21.07.2021 15:15:12
  • Zuletzt bearbeitet 21.11.2024 05:11:55

Mikrotik RouterOs before 6.44.6 (long-term tree) suffers from an uncontrolled resource consumption vulnerability in the /nova/bin/cerm process. An authenticated remote attacker can cause a Denial of Service due to overloading the systems CPU.

6.5

CVE-2020-20219

Exploit
  • EPSS 1.99%
  • Veröffentlicht 21.07.2021 15:15:12
  • Zuletzt bearbeitet 21.11.2024 05:11:55

Mikrotik RouterOs 6.44.6 (long-term tree) suffers from a memory corruption vulnerability in the /nova/bin/igmp-proxy process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference).

6.5

CVE-2020-20249

Exploit
  • EPSS 1.75%
  • Veröffentlicht 19.07.2021 18:15:08
  • Zuletzt bearbeitet 21.11.2024 05:11:57

Mikrotik RouterOs before stable 6.47 suffers from a memory corruption vulnerability in the resolver process. By sending a crafted packet, an authenticated remote attacker can cause a Denial of Service.