993 matches found
CVE-2023-47310
CVE-2023-47310 describes a misconfiguration in the default settings of MikroTik RouterOS 7 that allows incoming IPv6 UDP traceroute packets. The issue affects RouterOS 7.x before the fixed 7.14 release; the root cause is a default-configuration error in IPv6 handling that bypasses expected filter...
PT-2025-27443 · Mikrotik · Mikrotik Routeros
Name of the Vulnerable Software and Affected Versions: MikroTik RouterOS versions prior to 7.14 Description: A misconfiguration in the default settings of MikroTik RouterOS allows incoming IPv6 UDP traceroute packets. Recommendations: For versions prior to 7.14, update to version 7.14 or later to...
CVE-2025-6443
Mikrotik RouterOS VXLAN Source IP Improper Access Control Vulnerability. This vulnerability allows remote attackers to bypass access restrictions on affected installations of Mikrotik RouterOS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...
CVE-2025-6443 Mikrotik RouterOS VXLAN Source IP Improper Access Control Vulnerability
Mikrotik RouterOS VXLAN Source IP Improper Access Control Vulnerability. This vulnerability allows remote attackers to bypass access restrictions on affected installations of Mikrotik RouterOS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...
CVE-2025-6443
CVE-2025-6443 describes an access-control bypass in MikroTik RouterOS related to VXLAN traffic. The flaw is in how remote IP addresses are handled during VXLAN processing, where the remote IP is not validated against configured values before allowing ingress into the internal network. This can al...
Mikrotik RouterOS VXLAN Source IP Improper Access Control Vulnerability
This vulnerability allows remote attackers to bypass access restrictions on affected installations of Mikrotik RouterOS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of remote IP addresses when processing VXLAN traffic. The issue resul...
MikroTik RouterOS Access Control Error Vulnerability
MikroTik RouterOS is a Linux-based router operating system developed by the Latvian company MikroTik. The system can be deployed in a PC to enable it to provide router functionality. An access control error vulnerability exists in MikroTik RouterOS that stems from processing VXLAN traffic without...
PT-2025-26883 · Mikrotik · Mikrotik Routeros
Name of the Vulnerable Software and Affected Versions: Mikrotik RouterOS affected versions not specified Description: This issue allows remote attackers to bypass access restrictions on affected installations of Mikrotik RouterOS. Authentication is not required to exploit this issue. The specific...
The vulnerability of the SMB service in the RouterOS operating system of MikroTik allows a hacker to cause a service failure.
The vulnerability of the SMB service in the RouterOS operating system from MikroTik relates to pointer dereferencing errors. Exploiting this vulnerability can allow a malicious actor to cause a service failure...
CVE-2024-54952
In MikroTik RouterOS 6.40.5, the SMB service contains a memory corruption vulnerability. Remote, unauthenticated attackers can exploit this issue by sending specially crafted packets, triggering a null pointer dereference. This leads to a Remote Denial of Service (DoS), rendering the SMB service...
CVE-2024-54952
Summary (CVE-2024-54952): MikroTik RouterOS 6.40.5's SMB service contains a memory corruption vulnerability that can be exploited by remote, unauthenticated attackers via specially crafted packets to trigger a null pointer dereference, causing a Remote Denial of Service (DoS) and making the SMB ...
MikroTik RouterOS Security Vulnerability
MikroTik RouterOS is a Linux-based router operating system developed by the Latvian company MikroTik. The system can be deployed in a PC to make it provide router functionality. A security vulnerability exists in MikroTik RouterOS version 6.40.5, which stems from a memory corruption in the SMB...
CVE-2023-30799
MikroTik RouterOS stable before 6.49.7 and long-term through 6.48.6 are vulnerable to a privilege escalation issue. A remote and authenticated attacker can escalate privileges from admin to super-admin on the Winbox or HTTP interface. The attacker can abuse this vulnerability to execute arbitrary...