Mikrotik

Routeros

88 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2019-13955

  • EPSS 3.75%
  • Veröffentlicht 26.07.2019 13:15:12
  • Zuletzt bearbeitet 21.11.2024 04:25:46

Mikrotik RouterOS before 6.44.5 (long-term release tree) is vulnerable to stack exhaustion. By sending a crafted HTTP request, an authenticated remote attacker can crash the HTTP server via recursive parsing of JSON. Malicious code cannot be injected...

6.8

CVE-2019-13954

  • EPSS 4.26%
  • Veröffentlicht 26.07.2019 13:15:12
  • Zuletzt bearbeitet 21.11.2024 04:25:46

Mikrotik RouterOS before 6.44.5 (long-term release tree) is vulnerable to memory exhaustion. By sending a crafted HTTP request, an authenticated remote attacker can crash the HTTP server and in some circumstances reboot the system. Malicious code can...

7.8

CVE-2019-13074

  • EPSS 2.05%
  • Veröffentlicht 03.07.2019 21:15:10
  • Zuletzt bearbeitet 21.11.2024 04:24:08

A vulnerability in the FTP daemon on MikroTik routers through 6.44.3 could allow remote attackers to exhaust all available memory, causing the device to reboot because of uncontrolled resource management.

8.1

CVE-2019-3943

Exploit
  • EPSS 3.74%
  • Veröffentlicht 10.04.2019 21:29:01
  • Zuletzt bearbeitet 21.11.2024 04:42:54

MikroTik RouterOS versions Stable 6.43.12 and below, Long-term 6.42.12 and below, and Testing 6.44beta75 and below are vulnerable to an authenticated, remote directory traversal via the HTTP or Winbox interfaces. An authenticated, remote attack can u...

7.5

CVE-2019-3924

Exploit
  • EPSS 15.7%
  • Veröffentlicht 20.02.2019 20:29:03
  • Zuletzt bearbeitet 15.08.2025 20:21:44

MikroTik RouterOS before 6.43.12 (stable) and 6.42.12 (long-term) is vulnerable to an intermediary vulnerability. The software will execute user defined network requests to both WAN and LAN clients. A remote unauthenticated attacker can use this vuln...

6.5

CVE-2018-1158

Exploit
  • EPSS 2.48%
  • Veröffentlicht 23.08.2018 19:29:00
  • Zuletzt bearbeitet 21.11.2024 03:59:18

Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to a stack exhaustion vulnerability. An authenticated remote attacker can crash the HTTP server via recursive parsing of JSON.

9

CVE-2018-1156

Exploit
  • EPSS 7.37%
  • Veröffentlicht 23.08.2018 19:29:00
  • Zuletzt bearbeitet 21.11.2024 03:59:18

Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to stack buffer overflow through the license upgrade interface. This vulnerability could theoretically allow a remote authenticated attacker execute arbitrary code on the system.

6.8

CVE-2018-1157

Exploit
  • EPSS 4.38%
  • Veröffentlicht 23.08.2018 19:29:00
  • Zuletzt bearbeitet 21.11.2024 03:59:18

Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to a memory exhaustion vulnerability. An authenticated remote attacker can crash the HTTP server and in some circumstances reboot the system via a crafted HTTP POST request.

6.5

CVE-2018-1159

Exploit
  • EPSS 2.48%
  • Veröffentlicht 23.08.2018 19:29:00
  • Zuletzt bearbeitet 21.11.2024 03:59:18

Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to a memory corruption vulnerability. An authenticated remote attacker can crash the HTTP server by rapidly authenticating and disconnecting.

9.1

CVE-2018-14847

Warnung Exploit
  • EPSS 96.09%
  • Veröffentlicht 02.08.2018 07:29:00
  • Zuletzt bearbeitet 07.11.2025 19:20:41

MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers to write arbitrary files due to a directory traversal vulnerability in the WinBox interface.