4 matches found
MikroTik RouterOS Uncontrolled Recursion (CVE-2018-1158)
Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to a stack exhaustion vulnerability. An authenticated remote attacker can crash the HTTP server via recursive parsing of JSON. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...
MikroTik RouterOS < 6.40.9 / 6.42.7 / 6.43 multiple vulnerabilities.
According to its self-reported version, the remote networking device is running a version of MikroTik prior to 6.40.9, 6.41.x 6.42.7, or 6.43. It, therefore, vulnerable to multiple vulnerabilities. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...
CVE-2018-1158
CVE-2018-1158 affects MikroTik RouterOS before 6.40.9 and 6.42.7. It is a stack-exhaustion flaw where an authenticated remote attacker can crash the HTTP server by recursively parsing JSON. The issue is mitigated by upgrading RouterOS to 6.40.9, 6.42.7 or later (e.g., 6.43).
CVE-2018-1158
creationtimestamp| type| source ---|---|--- 2018-08-23 06:17:37+00:00| seen| https://t.me/mikrotikninja/245 2018-10-08 11:49:42+00:00| seen| https://t.me/sysodmins/3832 2018-10-23 21:02:39+00:00| seen| https://t.me/mtikpro/97 2018-11-01 16:03:49+00:00| seen|...