Lucene search
+L

998 matches found

euvd
euvd
added 2 days ago4 views

EUVD-2026-43601

An issue in MikroTIk SIA Mikrotikls, Latvia RouterOS 7.21.x before v.7.21.4 and 7.22.x before v.7.22.2 allows a remote attacker to cause a denial of service via the unflatten function in libumsg.so...

7.5CVSS6.1AI score0.00409EPSS
Exploits0References3
nvd
nvd
added 3 days ago4 views

CVE-2026-39042

An issue in MikroTIk SIA Mikrotikls, Latvia RouterOS 7.21.x before v.7.21.4 and 7.22.x before v.7.22.2 allows a remote attacker to cause a denial of service via the unflatten function in libumsg.so...

7.5CVSS0.00409EPSS
Exploits0References2
cvelist
cvelist
added 3 days ago31 views

CVE-2026-39042

An issue in MikroTIk SIA Mikrotikls, Latvia RouterOS 7.21.x before v.7.21.4 and 7.22.x before v.7.22.2 allows a remote attacker to cause a denial of service via the unflatten function in libumsg.so...

0.00409EPSS
Exploits0References2
cve
cve
added 3 days ago9 views

CVE-2026-39042

The CVE-2026-39042 issue affects MikroTik RouterOS, specifically 7.21.x prior to 7.21.4 and 7.22.x prior to 7.22.2. The vulnerability resides in the unflatten() function within libumsg.so, allowing a remote attacker to cause a denial of service. No exploitation details are provided in the documen...

7.5CVSS6.1AI score0.00409EPSS
Exploits0References2
redhatcve
redhatcve
added 2026/06/05 6:49 p.m.16 views

CVE-2024-27686

Mikrotik RouterOS x86 6.40.5 through 6.49.10 fixed in 7 allows a remote attacker to cause a denial of service device crash via crafted packet data to the SMB service on TCP port 445...

7.5CVSS5.5AI score0.00591EPSS
Exploits7References1
euvd
euvd
added 2026/05/08 6:32 a.m.12 views

EUVD-2024-24880

Mikrotik RouterOS x86 6.40.5 through 6.49.10 fixed in 7 allows a remote attacker to cause a denial of service device crash via crafted packet data to the SMB service on TCP port 445...

7.5CVSS5.8AI score0.00591EPSS
Exploits7References3
nvd
nvd
added 2026/05/08 6:16 a.m.20 views

CVE-2024-27686

Mikrotik RouterOS x86 6.40.5 through 6.49.10 fixed in 7 allows a remote attacker to cause a denial of service device crash via crafted packet data to the SMB service on TCP port 445...

7.5CVSS0.00591EPSS
Exploits7References2
vulnrichment
vulnrichment
added 2026/05/08 12:0 a.m.7 views

CVE-2024-27686

Mikrotik RouterOS x86 6.40.5 through 6.49.10 fixed in 7 allows a remote attacker to cause a denial of service device crash via crafted packet data to the SMB service on TCP port 445...

5.8AI score0.00591EPSS
Exploits7References2
cvelist
cvelist
added 2026/05/08 12:0 a.m.35 views

CVE-2024-27686

Mikrotik RouterOS x86 6.40.5 through 6.49.10 fixed in 7 allows a remote attacker to cause a denial of service device crash via crafted packet data to the SMB service on TCP port 445...

0.00591EPSS
Exploits7References2
attackerkb
attackerkb
added 2026/05/08 12:0 a.m.9 views

CVE-2024-27686

Mikrotik RouterOS x86 6.40.5 through 6.49.10 fixed in 7 allows a remote attacker to cause a denial of service device crash via crafted packet data to the SMB service on TCP port 445...

5.8AI score0.00591EPSS
Exploits7References3
cnnvd
cnnvd
added 2026/05/08 12:0 a.m.13 views

Mikrotik RouterOS 资源管理错误漏洞

Mikrotik RouterOS is an operating system for network devices developed by the Latvian company Mikrotik. There were resource management vulnerabilities in the Mikrotik RouterOS x86 version 6.40.5 to 6.49.10. These vulnerabilities stemmed from the SMB service’s handling of specially crafted packets...

7.5CVSS5.8AI score0.00591EPSS
Exploits7References1
nessus
nessus
added 2026/05/08 12:0 a.m.9 views

MikroTik RouterOS <= 7.20 Authentication Bypass via Improper Certificate Validation (CVE-2025-42611)

According to its self-reported version, the remote networking device is running a version of MikroTik RouterOS 7.x prior to or equal to 7.20. It is, therefore, affected by an authentication bypass vulnerability caused by improper certificate validation. The vulnerability lies in shared certificat...

6.5CVSS5.8AI score0.00186EPSS
Exploits0References2
cve
cve
added 2026/05/08 12:0 a.m.73 views

CVE-2024-27686

CVE-2024-27686 affects MikroTik RouterOS on x86, with versions 6.40.5 through 6.49.10 vulnerable to remote denial of service via specially crafted SMB data on TCP port 445; 6.49.10 is among the tested ranges and the fix is in version 7. The root cause involves handling of SMB requests that can cr...

7.5CVSS5.8AI score0.00591EPSS
Exploits7References2
cve
cve
added 2026/05/05 10:58 a.m.47 views

CVE-2025-42611

CVE-2025-42611 : RouterOS provides multiple services (OpenVPN, CAPsMAN, Dot1x) that rely on certificate verification using a system-wide trusted store. The vulnerability stems from shared certificate validation logic that uses this store, allowing any CA in the trust store to be trusted across co...

6.5CVSS5.8AI score0.00186EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/05/05 10:58 a.m.6 views

CVE-2025-42611

RouterOS provides various services that rely on correct verification of client and server certificates to secure confidentiality and integrity of communications. This includes OpenVPN, CAPsMAN, Dot1x 802.1X, among others. The vulnerability lies in shared certificate validation logic which uses th...

6.5CVSS5.8AI score0.00186EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2026/05/05 10:58 a.m.17 views

CVE-2025-42611 Improper certificate validation in multiple RouterOS services

RouterOS provides various services that rely on correct verification of client and server certificates to secure confidentiality and integrity of communications. This includes OpenVPN, CAPsMAN, Dot1x 802.1X, among others. The vulnerability lies in shared certificate validation logic which uses th...

6.5CVSS5.8AI score0.00186EPSS
Exploits0References1
cvelist
cvelist
added 2026/05/05 10:58 a.m.41 views

CVE-2025-42611 Improper certificate validation in multiple RouterOS services

RouterOS provides various services that rely on correct verification of client and server certificates to secure confidentiality and integrity of communications. This includes OpenVPN, CAPsMAN, Dot1x 802.1X, among others. The vulnerability lies in shared certificate validation logic which uses th...

6.5CVSS0.00186EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/05/05 12:0 a.m.26 views

Mikrotik RouterOS 信任管理问题漏洞

Mikrotik RouterOS is an operating system for network devices developed by the Latvian company Mikrotik. There is a vulnerability in MikroTik RouterOS’s trust management mechanism. This vulnerability stems from the shared certificate validation logic, which leads to scope confusion. As a result, a...

6.5CVSS5.8AI score0.00186EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/05/04 8:21 p.m.8 views

CVE-2026-7668

A vulnerability was identified in MikroTik RouterOS 6.49.8. This vulnerability affects the function ASN1STRINGdata in the library nova/lib/www/scep.p of the component SCEP Endpoint. The manipulation of the argument transactionID/messageType leads to out-of-bounds read. The attack may be initiated...

7.5CVSS6.9AI score0.003EPSS
Exploits0References1
nvd
nvd
added 2026/05/02 9:16 p.m.55 views

CVE-2026-7668

A vulnerability was identified in MikroTik RouterOS 6.49.8. This vulnerability affects the function ASN1STRINGdata in the library nova/lib/www/scep.p of the component SCEP Endpoint. The manipulation of the argument transactionID/messageType leads to out-of-bounds read. The attack may be initiated...

7.5CVSS0.003EPSS
Exploits0References4
Rows per page
Query Builder