EUVD-2024-24880

Mikrotik RouterOS x86 6.40.5 through 6.49.10 fixed in 7 allows a remote attacker to cause a denial of service device crash via crafted packet data to the SMB service on TCP port 445...

CVE-2024-27686

Mikrotik RouterOS x86 6.40.5 through 6.49.10 fixed in 7 allows a remote attacker to cause a denial of service device crash via crafted packet data to the SMB service on TCP port 445...

CVE-2024-27686

CVE-2024-27686 affects MikroTik RouterOS on x86, with versions 6.40.5 through 6.49.10 vulnerable to remote denial of service via specially crafted SMB data on TCP port 445; 6.49.10 is among the tested ranges and the fix is in version 7. The root cause involves handling of SMB requests that can cr...

Mikrotik RouterOS 资源管理错误漏洞

Mikrotik RouterOS is an operating system for network devices developed by the Latvian company Mikrotik. There were resource management vulnerabilities in the Mikrotik RouterOS x86 version 6.40.5 to 6.49.10. These vulnerabilities stemmed from the SMB service’s handling of specially crafted packets...

CVE-2024-27686

Mikrotik RouterOS x86 6.40.5 through 6.49.10 fixed in 7 allows a remote attacker to cause a denial of service device crash via crafted packet data to the SMB service on TCP port 445...

Mikrotik RouterOS 信任管理问题漏洞

Mikrotik RouterOS is an operating system for network devices developed by the Latvian company Mikrotik. There is a vulnerability in MikroTik RouterOS’s trust management mechanism. This vulnerability stems from the shared certificate validation logic, which leads to scope confusion. As a result, a...

CVE-2026-7668

A vulnerability was identified in MikroTik RouterOS 6.49.8. This vulnerability affects the function ASN1STRINGdata in the library nova/lib/www/scep.p of the component SCEP Endpoint. The manipulation of the argument transactionID/messageType leads to out-of-bounds read. The attack may be initiated...

CVE-2026-7668

A vulnerability was identified in MikroTik RouterOS 6.49.8. This vulnerability affects the function ASN1STRINGdata in the library nova/lib/www/scep.p of the component SCEP Endpoint. The manipulation of the argument transactionID/messageType leads to out-of-bounds read. The attack may be initiated...

CVE-2026-7668 MikroTik RouterOS SCEP Endpoint scep.p ASN1_STRING_data out-of-bounds

A vulnerability was identified in MikroTik RouterOS 6.49.8. This vulnerability affects the function ASN1STRINGdata in the library nova/lib/www/scep.p of the component SCEP Endpoint. The manipulation of the argument transactionID/messageType leads to out-of-bounds read. The attack may be initiated...

EUVD-2026-26801

A vulnerability was identified in MikroTik RouterOS 6.49.8. This vulnerability affects the function ASN1STRINGdata in the library nova/lib/www/scep.p of the component SCEP Endpoint. The manipulation of the argument transactionID/messageType leads to out-of-bounds read. The attack may be initiated...

CVE-2026-7668 MikroTik RouterOS SCEP Endpoint scep.p ASN1_STRING_data out-of-bounds

A vulnerability was identified in MikroTik RouterOS 6.49.8. This vulnerability affects the function ASN1STRINGdata in the library nova/lib/www/scep.p of the component SCEP Endpoint. The manipulation of the argument transactionID/messageType leads to out-of-bounds read. The attack may be initiated...

CVE-2026-7668

A vulnerability was identified in MikroTik RouterOS 6.49.8. This vulnerability affects the function ASN1STRINGdata in the library nova/lib/www/scep.p of the component SCEP Endpoint. The manipulation of the argument transactionID/messageType leads to out-of-bounds read. The attack may be initiated...

CVE-2026-7668

CVE-2026-7668 affects MikroTik RouterOS 6.49.8, specifically the SCEP Endpoint component, in nova/lib/www/scep.p. The root cause is out-of-bounds read in ASN1_STRING_data when manipulating transactionID/messageType, potentially allowing remote initiation. Public exploit code is noted, and disclos...

Mikrotik RouterOS 缓冲区错误漏洞

Mikrotik RouterOS is an operating system for network devices developed by the Latvian company Mikrotik. Version 6.49.8 of Mikrotik RouterOS contains a buffer error vulnerability. This vulnerability stems from the ASN1STRINGdata function in the nova/lib/www/scep.p library, which processes paramete...

PT-2026-36638

A vulnerability was identified in MikroTik RouterOS 6.49.8. This vulnerability affects the function ASN1 STRING data in the library nova/lib/www/scep.p of the component SCEP Endpoint. The manipulation of the argument transactionID/messageType leads to out-of-bounds read. The attack may be initiat...

📄 MikroTik RouterOS WinBox 3.41 Username Enumeration

Proof of concept exploit for MikroTik RouterOS WinBox version 3.41 that demonstrates a username enumeration vulnerability. ============================================================================================================================================= | Title : MikroTik RouterOS WinB...

📄 MikroTik RouterOS 6.40.10 Denial of Service

This exploit targets a vulnerability in the MikroTik RouterOS SMB service, allowing remote attackers to crash the SMB process and render services unavailable. Specially crafted SMB packets trigger an abnormal condition, leading to a denial of service, requiring manual restart or reboot of the...

Exploit for Out-of-bounds Write in Mikrotik Routeros

Mikrotik Exploit Scan and Export RouterOS Password A security...

CVE-2019-16160

An integer underflow in the SMB server of MikroTik RouterOS before 6.45.5 allows remote unauthenticated attackers to crash the service...

MikroTik RouterOS 7.x Buffer Overflow Vulnerability

MikroTik RouterOS is prone to a buffer overflow vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:mikrotik:routeros"...