Mikrotik

Routeros

88 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2020-20222

Exploit
  • EPSS 3.17%
  • Veröffentlicht 18.05.2021 19:15:07
  • Zuletzt bearbeitet 21.11.2024 05:11:56

Mikrotik RouterOs 6.44.6 (long-term tree) suffers from a memory corruption vulnerability in the /nova/bin/sniffer process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference).

6.5

CVE-2020-20214

Exploit
  • EPSS 3.11%
  • Veröffentlicht 18.05.2021 19:15:07
  • Zuletzt bearbeitet 21.11.2024 05:11:54

Mikrotik RouterOs 6.44.6 (long-term tree) suffers from an assertion failure vulnerability in the btest process. An authenticated remote attacker can cause a Denial of Service due to an assertion failure via a crafted packet.

6.5

CVE-2020-20254

Exploit
  • EPSS 2.1%
  • Veröffentlicht 18.05.2021 14:15:07
  • Zuletzt bearbeitet 21.11.2024 05:11:58

Mikrotik RouterOs before 6.47 (stable tree) suffers from a memory corruption vulnerability in the /nova/bin/lcdstat process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference).

6.5

CVE-2020-20253

Exploit
  • EPSS 2.1%
  • Veröffentlicht 18.05.2021 14:15:07
  • Zuletzt bearbeitet 21.11.2024 05:11:58

Mikrotik RouterOs before 6.47 (stable tree) suffers from a divison by zero vulnerability in the /nova/bin/lcdstat process. An authenticated remote attacker can cause a Denial of Service due to a divide by zero error.

6.5

CVE-2020-20265

Exploit
  • EPSS 2.11%
  • Veröffentlicht 11.05.2021 15:15:07
  • Zuletzt bearbeitet 21.11.2024 05:11:58

Mikrotik RouterOs before 6.47 (stable tree) suffers from a memory corruption vulnerability in the /ram/pckg/wireless/nova/bin/wireless process. An authenticated remote attacker can cause a Denial of Service due via a crafted packet.

6.5

CVE-2020-20267

Exploit
  • EPSS 1.71%
  • Veröffentlicht 11.05.2021 15:15:07
  • Zuletzt bearbeitet 21.11.2024 05:11:59

Mikrotik RouterOs before 6.47 (stable tree) suffers from a memory corruption vulnerability in the /nova/bin/resolver process. An authenticated remote attacker can cause a Denial of Service due to invalid memory access.

6.5

CVE-2020-20247

  • EPSS 1.08%
  • Veröffentlicht 03.05.2021 16:15:07
  • Zuletzt bearbeitet 21.11.2024 05:11:57

Mikrotik RouterOs before 6.46.5 (stable tree) suffers from a memory corruption vulnerability in the /nova/bin/traceroute process. An authenticated remote attacker can cause a Denial of Service due via the loop counter variable.

6.5

CVE-2020-20218

Exploit
  • EPSS 1.96%
  • Veröffentlicht 03.05.2021 16:15:07
  • Zuletzt bearbeitet 21.11.2024 05:11:55

Mikrotik RouterOs 6.44.6 (long-term tree) suffers from a memory corruption vulnerability in the /nova/bin/traceroute process. An authenticated remote attacker can cause a Denial of Service due via the loop counter variable.

8.5

CVE-2021-27221

Exploit
  • EPSS 4.49%
  • Veröffentlicht 19.03.2021 03:15:12
  • Zuletzt bearbeitet 21.11.2024 05:57:37

MikroTik RouterOS 6.47.9 allows remote authenticated ftp users to create or overwrite arbitrary .rsc files via the /export command. NOTE: the vendor's position is that this is intended behavior because of how user policies work

6.1

CVE-2021-3014

Exploit
  • EPSS 0.93%
  • Veröffentlicht 04.01.2021 19:15:15
  • Zuletzt bearbeitet 21.11.2024 06:20:45

In MikroTik RouterOS through 2021-01-04, the hotspot login page is vulnerable to reflected XSS via the target parameter.