Lucene search
K

37 matches found

Krebs on Security
Krebs on Security
added 2026/04/07 5:2 p.m.13 views

Russia Hacked Routers to Steal Microsoft Office Tokens

Hackers linked to Russia's military intelligence units are using known flaws in older Internet routers to mass harvest authentication tokens from Microsoft Office users, security experts warned today. The spying campaign allowed state-backed Russian hackers to quietly siphon authentication tokens...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2026/04/07 4:48 p.m.10 views

Russian State-Linked APT28 Exploits SOHO Routers in Global DNS Hijacking Campaign

The Russia-linked threat actor known as APT28 aka Forest Blizzard has been linked to a new campaign that has compromised insecure MikroTik and TP-Link routers and modified their settings to turn them into malicious infrastructure under their control as part of a cyber espionage campaign since at...

6.5CVSS7AI score0.1745EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/01/09 9:51 a.m.14 views

CVE-2020-10364

The SSH daemon on MikroTik routers through v6.44.3 could allow remote attackers to generate CPU activity, trigger refusal of new authorized connections, and cause a reboot via connect and write system calls, because of uncontrolled resource management...

7.8CVSS7AI score0.02594EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2020-2819

Malware in sbrugna...

7.8CVSS7.5AI score0.02594EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2025/07/09 12:0 a.m.10 views

The vulnerability of the RouterOS operating system for MikroTik routers, related to insufficient validation of input data, allows attackers to carry out cross-site scripting attacks.

The vulnerability of the RouterOS operating system for MikroTik routers is related to insufficient validation of input data when processing the dst parameter. Exploiting this vulnerability allows a malicious actor to perform domain-based scenario attacks remotely...

4.8CVSS5.4AI score0.00642EPSS
Exploits2References2Affected Software1
The Hacker News
The Hacker News
added 2025/01/21 12:46 p.m.32 views

13,000 MikroTik Routers Hijacked by Botnet for Malspam and Cyberattacks

A global network of about 13,000 hijacked Mikrotik routers has been employed as a botnet to propagate malware via spam campaigns, the latest addition to a list of botnets powered by MikroTik devices. The activity "takes advantage of misconfigured DNS records to pass email protection techniques,"...

9.1CVSS8AI score0.01313EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2024/11/07 12:0 a.m.8 views

The vulnerability of the Checkmk Exchange plugin for MikroTik routers allows a hacker to execute a spoofing attack.

The vulnerability of the Checkmk Exchange plugin for MikroTik routers is related to errors in the authentication process. Exploiting this vulnerability allows a malicious actor to execute a spoofing attack remotely...

4.8CVSS5.6AI score0.00189EPSS
Exploits0References5Affected Software1
The Hacker News
The Hacker News
added 2024/07/05 12:20 p.m.23 views

OVHcloud Hit with Record 840 Million PPS DDoS Attack Using MikroTik Routers

French cloud computing firm OVHcloud said it mitigated a record-breaking distributed denial-of-service DDoS attack in April 2024 that reached a packet rate of 840 million packets per second Mpps. This is just above the previous record of 809 million Mpps reported by Akamai as targeting a large...

7.4AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2024/01/11 12:0 a.m.8 views

The vulnerability of the application software interface of the RouterOS operating system for MikroTik routers allows a hacker to disclose protected information.

The vulnerability of the application software interface of the RouterOS operating system for MikroTik routers is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information...

5.3CVSS5.8AI score0.00473EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2023/07/12 12:0 a.m.5 views

MikroTik routers 资源管理错误漏洞

MikroTik routers is a router product from the Latvian company MikroTik. A security vulnerability exists in MikroTik routers v6.46.3 and earlier versions that originates from a misconfiguration that allows an attacker to cause a denial of service via an SSH daemon...

7.5CVSS7.3AI score0.01014EPSS
Exploits1References4
BDU FSTEC
BDU FSTEC
added 2023/01/23 12:0 a.m.9 views

The vulnerability of the RouterOS operating system in MikroTik routers stems from incorrect handling of the link pointer before accessing a file. This allows a hacker to install any arbitrary file anywhere on the host.

The vulnerability of the RouterOS operating system for MikroTik routers stems from an incorrect definition of the link before accessing a file. Exploiting this vulnerability allows a malicious actor to install any arbitrary file anywhere on the host...

10CVSS7.8AI score0.01135EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/12/07 12:0 a.m.8 views

The vulnerability of the SNMP (Simple Network Management Protocol) implementation in the RouterOS operating system of MikroTik allows a hacker to execute arbitrary code.

The vulnerability in the implementation of the SNMP Simple Network Management Protocol protocol in the RouterOS operating system of MikroTik routers lies in the ability to read data beyond the buffer boundaries in memory during the processing of the u32id key. Exploiting this vulnerability allows...

10CVSS8.4AI score0.01255EPSS
Exploits1References4Affected Software1
The Hacker News
The Hacker News
added 2022/03/17 10:5 a.m.150 views

TrickBot Malware Abusing MikroTik Routers as Proxies for Command-and-Control

Microsoft on Wednesday detailed a previously undiscovered technique put to use by the TrickBot malware that involves using compromised Internet of Things IoT devices as a go-between for establishing communications with the command-and-control C2 servers. "By using MikroTik routers as proxy server...

9.1CVSS1AI score0.96087EPSS
Exploits23
Microsoft Malware Protection
Microsoft Malware Protection
added 2022/03/16 3:0 p.m.122 views

Uncovering Trickbot’s use of IoT devices in command-and-control infrastructure

Trickbot, a sophisticated trojan that has evolved significantly since its discovery in 2016, has continually expanded its capabilities and, even with disruption efforts and news of its infrastructure going offline, it has managed to remain one of the most persistent threats in recent years. The...

6.4CVSS0.8AI score0.96087EPSS
Exploits23
The Hacker News
The Hacker News
added 2022/03/05 7:53 a.m.145 views

Imperva Thwarts 2.5 Million RPS Ransom DDoS Extortion Attacks

Cybersecurity company Imperva on Friday said it recently mitigated a ransom distributed denial-of-service DDoS attack targeting an unnamed website that peaked at 2.5 million requests per second RPS. "While ransom DDoS attacks are not new, they appear to be evolving and becoming more interesting...

9.1CVSS0.8AI score0.96087EPSS
Exploits23
BDU FSTEC
BDU FSTEC
added 2022/03/04 12:0 a.m.6 views

The vulnerability of the RouterOS operating system in MikroTik routers allows a hacker to cause a service failure.

The vulnerability of the RouterOS operating system for MikroTik routers lies in the fact that operations are performed outside of the buffer in memory. Exploiting this vulnerability allows a malicious actor to cause a service failure through a specially crafted FTP request...

7.8CVSS7.4AI score0.0123EPSS
Exploits0References4Affected Software1
Krebs on Security
Krebs on Security
added 2021/09/10 6:12 p.m.23 views

KrebsOnSecurity Hit By Huge New IoT Botnet “Meris”

On Thursday evening, KrebsOnSecurity was the subject of a rather massive and mercifully brief distributed denial-of-service DDoS attack. The assault came from "Meris," the same new botnet behind record-shattering attacks against Russian search giant Yandex this week and internet infrastructure fi...

7.1AI score
Exploits0
CNVD
CNVD
added 2021/04/12 12:0 a.m.2 views

Denial of Service Vulnerability in MikroTik CHR Routers

Founded in 1995 and headquartered in Riga, Latvia, MikroTik is engaged in the development of routers and wireless ISP systems. A denial of service vulnerability exists in the MikroTik CHR router, which can be exploited by an attacker to cause the program to crash...

7AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2021/04/06 12:0 a.m.7 views

The vulnerability of the RouterOS operating system in MikroTik routers allows a hacker to compromise the integrity and accessibility of protected information.

The vulnerability of the RouterOS operating system for MikroTik routers lies in the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to compromise the integrity and accessibility of the protected information...

8.5CVSS7.4AI score0.04494EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/03/26 12:0 a.m.7 views

The vulnerability of the SSH daemon on the RouterOS operating system of MikroTik allows a hacker to cause a service failure.

The vulnerability of the SSH daemon on the RouterOS operating system of MikroTik routers is related to an uncontrolled resource consumption. Exploiting this vulnerability allows a malicious actor to cause service failures by using system calls like connect and write...

7.8CVSS7.2AI score0.02594EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder