Mikrotik

Routeros

85 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.1

CVE-2019-3943

Exploit
  • EPSS 0.58%
  • Veröffentlicht 10.04.2019 21:29:01
  • Zuletzt bearbeitet 21.11.2024 04:42:54

MikroTik RouterOS versions Stable 6.43.12 and below, Long-term 6.42.12 and below, and Testing 6.44beta75 and below are vulnerable to an authenticated, remote directory traversal via the HTTP or Winbox interfaces. An authenticated, remote attack can u...

7.5

CVE-2019-3924

Exploit
  • EPSS 10.79%
  • Veröffentlicht 20.02.2019 20:29:03
  • Zuletzt bearbeitet 15.08.2025 20:21:44

MikroTik RouterOS before 6.43.12 (stable) and 6.42.12 (long-term) is vulnerable to an intermediary vulnerability. The software will execute user defined network requests to both WAN and LAN clients. A remote unauthenticated attacker can use this vuln...

6.8

CVE-2018-1157

Exploit
  • EPSS 2.36%
  • Veröffentlicht 23.08.2018 19:29:00
  • Zuletzt bearbeitet 21.11.2024 03:59:18

Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to a memory exhaustion vulnerability. An authenticated remote attacker can crash the HTTP server and in some circumstances reboot the system via a crafted HTTP POST request.

9

CVE-2018-1156

Exploit
  • EPSS 2.78%
  • Veröffentlicht 23.08.2018 19:29:00
  • Zuletzt bearbeitet 21.11.2024 03:59:18

Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to stack buffer overflow through the license upgrade interface. This vulnerability could theoretically allow a remote authenticated attacker execute arbitrary code on the system.

6.5

CVE-2018-1158

Exploit
  • EPSS 1.22%
  • Veröffentlicht 23.08.2018 19:29:00
  • Zuletzt bearbeitet 21.11.2024 03:59:18

Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to a stack exhaustion vulnerability. An authenticated remote attacker can crash the HTTP server via recursive parsing of JSON.

6.5

CVE-2018-1159

Exploit
  • EPSS 1.07%
  • Veröffentlicht 23.08.2018 19:29:00
  • Zuletzt bearbeitet 21.11.2024 03:59:18

Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to a memory corruption vulnerability. An authenticated remote attacker can crash the HTTP server by rapidly authenticating and disconnecting.

9.1

CVE-2018-14847

Warnung Exploit
  • EPSS 92.84%
  • Veröffentlicht 02.08.2018 07:29:00
  • Zuletzt bearbeitet 07.11.2025 19:20:41

MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers to write arbitrary files due to a directory traversal vulnerability in the WinBox interface.

10

CVE-2018-7445

Warnung Exploit
  • EPSS 85.9%
  • Veröffentlicht 19.03.2018 21:29:01
  • Zuletzt bearbeitet 07.11.2025 19:04:17

A buffer overflow was found in the MikroTik RouterOS SMB service when processing NetBIOS session request messages. Remote attackers with access to the service can exploit this vulnerability and gain code execution on the system. The overflow occurs b...

7.8

CVE-2017-8338

Exploit
  • EPSS 2.88%
  • Veröffentlicht 18.05.2017 06:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

A vulnerability in MikroTik Version 6.38.5 could allow an unauthenticated remote attacker to exhaust all available CPU via a flood of UDP packets on port 500 (used for L2TP over IPsec), preventing the affected router from accepting new connections; a...

7.8

CVE-2017-7285

Exploit
  • EPSS 21.22%
  • Veröffentlicht 29.03.2017 14:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

A vulnerability in the network stack of MikroTik Version 6.38.5 released 2017-03-09 could allow an unauthenticated remote attacker to exhaust all available CPU via a flood of TCP RST packets, preventing the affected router from accepting new TCP conn...