Mikrotik

Routeros

85 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2020-20253

Exploit
  • EPSS 0.84%
  • Veröffentlicht 18.05.2021 14:15:07
  • Zuletzt bearbeitet 21.11.2024 05:11:58

Mikrotik RouterOs before 6.47 (stable tree) suffers from a divison by zero vulnerability in the /nova/bin/lcdstat process. An authenticated remote attacker can cause a Denial of Service due to a divide by zero error.

6.5

CVE-2020-20267

Exploit
  • EPSS 1.01%
  • Veröffentlicht 11.05.2021 15:15:07
  • Zuletzt bearbeitet 21.11.2024 05:11:59

Mikrotik RouterOs before 6.47 (stable tree) suffers from a memory corruption vulnerability in the /nova/bin/resolver process. An authenticated remote attacker can cause a Denial of Service due to invalid memory access.

6.5

CVE-2020-20265

Exploit
  • EPSS 0.4%
  • Veröffentlicht 11.05.2021 15:15:07
  • Zuletzt bearbeitet 21.11.2024 05:11:58

Mikrotik RouterOs before 6.47 (stable tree) suffers from a memory corruption vulnerability in the /ram/pckg/wireless/nova/bin/wireless process. An authenticated remote attacker can cause a Denial of Service due via a crafted packet.

6.5

CVE-2020-20247

  • EPSS 0.65%
  • Veröffentlicht 03.05.2021 16:15:07
  • Zuletzt bearbeitet 21.11.2024 05:11:57

Mikrotik RouterOs before 6.46.5 (stable tree) suffers from a memory corruption vulnerability in the /nova/bin/traceroute process. An authenticated remote attacker can cause a Denial of Service due via the loop counter variable.

6.5

CVE-2020-20218

Exploit
  • EPSS 0.88%
  • Veröffentlicht 03.05.2021 16:15:07
  • Zuletzt bearbeitet 21.11.2024 05:11:55

Mikrotik RouterOs 6.44.6 (long-term tree) suffers from a memory corruption vulnerability in the /nova/bin/traceroute process. An authenticated remote attacker can cause a Denial of Service due via the loop counter variable.

8.5

CVE-2021-27221

Exploit
  • EPSS 41.89%
  • Veröffentlicht 19.03.2021 03:15:12
  • Zuletzt bearbeitet 21.11.2024 05:57:37

MikroTik RouterOS 6.47.9 allows remote authenticated ftp users to create or overwrite arbitrary .rsc files via the /export command. NOTE: the vendor's position is that this is intended behavior because of how user policies work

6.1

CVE-2021-3014

Exploit
  • EPSS 0.58%
  • Veröffentlicht 04.01.2021 19:15:15
  • Zuletzt bearbeitet 21.11.2024 06:20:45

In MikroTik RouterOS through 2021-01-04, the hotspot login page is vulnerable to reflected XSS via the target parameter.

7.5

CVE-2019-16160

  • EPSS 1.28%
  • Veröffentlicht 07.10.2020 16:15:12
  • Zuletzt bearbeitet 21.11.2024 04:30:10

An integer underflow in the SMB server of MikroTik RouterOS before 6.45.5 allows remote unauthenticated attackers to crash the service.

7.5

CVE-2020-11881

Exploit
  • EPSS 21.17%
  • Veröffentlicht 14.09.2020 21:15:10
  • Zuletzt bearbeitet 21.11.2024 04:58:49

An array index error in MikroTik RouterOS 6.41.3 through 6.46.5, and 7.x through 7.0 Beta5, allows an unauthenticated remote attacker to crash the SMB server via modified setup-request packets, aka SUP-12964.

7.8

CVE-2020-10364

Exploit
  • EPSS 2.15%
  • Veröffentlicht 23.03.2020 16:15:13
  • Zuletzt bearbeitet 21.11.2024 04:55:09

The SSH daemon on MikroTik routers through v6.44.3 could allow remote attackers to generate CPU activity, trigger refusal of new authorized connections, and cause a reboot via connect and write system calls, because of uncontrolled resource managemen...