CVE-2017-6444
- EPSS 18.06%
- Veröffentlicht 12.03.2017 05:59:00
- Zuletzt bearbeitet 20.04.2025 01:37:25
The MikroTik Router hAP Lite 6.25 has no protection mechanism for unsolicited TCP ACK packets in the case of a fast network connection, which allows remote attackers to cause a denial of service (CPU consumption) by sending many ACK packets. After th...
CVE-2017-6297
- EPSS 0.11%
- Veröffentlicht 27.02.2017 07:59:00
- Zuletzt bearbeitet 20.04.2025 01:37:25
The L2TP Client in MikroTik RouterOS versions 6.83.3 and 6.37.4 does not enable IPsec encryption after a reboot, which allows man-in-the-middle attackers to view transmitted data unencrypted and gain access to networks on the L2TP server by monitorin...
CVE-2015-2350
- EPSS 0.19%
- Veröffentlicht 19.03.2015 14:59:02
- Zuletzt bearbeitet 12.04.2025 10:46:40
Cross-site request forgery (CSRF) vulnerability in MikroTik RouterOS 5.0 and earlier allows remote attackers to hijack the authentication of administrators for requests that change the administrator password via a request in the status page to /cfg.
CVE-2012-6050
- EPSS 8.62%
- Veröffentlicht 27.11.2012 04:49:26
- Zuletzt bearbeitet 11.04.2025 00:51:21
The winbox service in MikroTik RouterOS 5.15 and earlier allows remote attackers to cause a denial of service (CPU consumption), read the router version, and possibly have other impacts via a request to download the router's DLLs or plugins, as demon...
CVE-2008-6976
- EPSS 9.28%
- Veröffentlicht 19.08.2009 05:24:52
- Zuletzt bearbeitet 09.04.2025 00:30:58
MikroTik RouterOS 3.x through 3.13 and 2.x through 2.9.51 allows remote attackers to modify Network Management System (NMS) settings via a crafted SNMP set request.