505 matches found
EUVD-2026-43601
An issue in MikroTIk SIA Mikrotikls, Latvia RouterOS 7.21.x before v.7.21.4 and 7.22.x before v.7.22.2 allows a remote attacker to cause a denial of service via the unflatten function in libumsg.so...
CVE-2026-39042
An issue in MikroTIk SIA Mikrotikls, Latvia RouterOS 7.21.x before v.7.21.4 and 7.22.x before v.7.22.2 allows a remote attacker to cause a denial of service via the unflatten function in libumsg.so...
CVE-2026-39042
An issue in MikroTIk SIA Mikrotikls, Latvia RouterOS 7.21.x before v.7.21.4 and 7.22.x before v.7.22.2 allows a remote attacker to cause a denial of service via the unflatten function in libumsg.so...
CVE-2024-27686
Mikrotik RouterOS x86 6.40.5 through 6.49.10 fixed in 7 allows a remote attacker to cause a denial of service device crash via crafted packet data to the SMB service on TCP port 445...
EUVD-2024-24880
Mikrotik RouterOS x86 6.40.5 through 6.49.10 fixed in 7 allows a remote attacker to cause a denial of service device crash via crafted packet data to the SMB service on TCP port 445...
CVE-2024-27686
Mikrotik RouterOS x86 6.40.5 through 6.49.10 fixed in 7 allows a remote attacker to cause a denial of service device crash via crafted packet data to the SMB service on TCP port 445...
CVE-2024-27686
Mikrotik RouterOS x86 6.40.5 through 6.49.10 fixed in 7 allows a remote attacker to cause a denial of service device crash via crafted packet data to the SMB service on TCP port 445...
Mikrotik RouterOS 资源管理错误漏洞
Mikrotik RouterOS is an operating system for network devices developed by the Latvian company Mikrotik. There were resource management vulnerabilities in the Mikrotik RouterOS x86 version 6.40.5 to 6.49.10. These vulnerabilities stemmed from the SMB service’s handling of specially crafted packets...
CVE-2024-27686
CVE-2024-27686 affects MikroTik RouterOS on x86, with versions 6.40.5 through 6.49.10 vulnerable to remote denial of service via specially crafted SMB data on TCP port 445; 6.49.10 is among the tested ranges and the fix is in version 7. The root cause involves handling of SMB requests that can cr...
Mikrotik RouterOS 信任管理问题漏洞
Mikrotik RouterOS is an operating system for network devices developed by the Latvian company Mikrotik. There is a vulnerability in MikroTik RouterOS’s trust management mechanism. This vulnerability stems from the shared certificate validation logic, which leads to scope confusion. As a result, a...
CVE-2026-7668
A vulnerability was identified in MikroTik RouterOS 6.49.8. This vulnerability affects the function ASN1STRINGdata in the library nova/lib/www/scep.p of the component SCEP Endpoint. The manipulation of the argument transactionID/messageType leads to out-of-bounds read. The attack may be initiated...
CVE-2026-7668
A vulnerability was identified in MikroTik RouterOS 6.49.8. This vulnerability affects the function ASN1STRINGdata in the library nova/lib/www/scep.p of the component SCEP Endpoint. The manipulation of the argument transactionID/messageType leads to out-of-bounds read. The attack may be initiated...
EUVD-2026-26801
A vulnerability was identified in MikroTik RouterOS 6.49.8. This vulnerability affects the function ASN1STRINGdata in the library nova/lib/www/scep.p of the component SCEP Endpoint. The manipulation of the argument transactionID/messageType leads to out-of-bounds read. The attack may be initiated...
CVE-2026-7668
A vulnerability was identified in MikroTik RouterOS 6.49.8. This vulnerability affects the function ASN1STRINGdata in the library nova/lib/www/scep.p of the component SCEP Endpoint. The manipulation of the argument transactionID/messageType leads to out-of-bounds read. The attack may be initiated...
CVE-2026-7668
CVE-2026-7668 affects MikroTik RouterOS 6.49.8, specifically the SCEP Endpoint component, in nova/lib/www/scep.p. The root cause is out-of-bounds read in ASN1_STRING_data when manipulating transactionID/messageType, potentially allowing remote initiation. Public exploit code is noted, and disclos...
CVE-2026-7668 MikroTik RouterOS SCEP Endpoint scep.p ASN1_STRING_data out-of-bounds
A vulnerability was identified in MikroTik RouterOS 6.49.8. This vulnerability affects the function ASN1STRINGdata in the library nova/lib/www/scep.p of the component SCEP Endpoint. The manipulation of the argument transactionID/messageType leads to out-of-bounds read. The attack may be initiated...
CVE-2026-7668 MikroTik RouterOS SCEP Endpoint scep.p ASN1_STRING_data out-of-bounds
A vulnerability was identified in MikroTik RouterOS 6.49.8. This vulnerability affects the function ASN1STRINGdata in the library nova/lib/www/scep.p of the component SCEP Endpoint. The manipulation of the argument transactionID/messageType leads to out-of-bounds read. The attack may be initiated...
Mikrotik RouterOS 缓冲区错误漏洞
Mikrotik RouterOS is an operating system for network devices developed by the Latvian company Mikrotik. Version 6.49.8 of Mikrotik RouterOS contains a buffer error vulnerability. This vulnerability stems from the ASN1STRINGdata function in the nova/lib/www/scep.p library, which processes paramete...
PT-2026-36638
A vulnerability was identified in MikroTik RouterOS 6.49.8. This vulnerability affects the function ASN1 STRING data in the library nova/lib/www/scep.p of the component SCEP Endpoint. The manipulation of the argument transactionID/messageType leads to out-of-bounds read. The attack may be initiat...
📄 MikroTik RouterOS WinBox 3.41 Username Enumeration
Proof of concept exploit for MikroTik RouterOS WinBox version 3.41 that demonstrates a username enumeration vulnerability. ============================================================================================================================================= | Title : MikroTik RouterOS WinB...