CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

993 matches found

EUVD•added 2026/05/02 8:0 p.m.•26 views

EUVD-2026-26801

A vulnerability was identified in MikroTik RouterOS 6.49.8. This vulnerability affects the function ASN1STRINGdata in the library nova/lib/www/scep.p of the component SCEP Endpoint. The manipulation of the argument transactionID/messageType leads to out-of-bounds read. The attack may be initiated...

7.5CVSS6.8AI score0.003EPSS

Exploits0References4

CNNVD•added 2026/05/02 12:0 a.m.•13 views

Mikrotik RouterOS 缓冲区错误漏洞

Mikrotik RouterOS is an operating system for network devices developed by the Latvian company Mikrotik. Version 6.49.8 of Mikrotik RouterOS contains a buffer error vulnerability. This vulnerability stems from the ASN1STRINGdata function in the nova/lib/www/scep.p library, which processes paramete...

7.5CVSS7.3AI score0.003EPSS

Exploits0References5

Positive Technologies•added 2026/05/02 12:0 a.m.•12 views

PT-2026-36638

A vulnerability was identified in MikroTik RouterOS 6.49.8. This vulnerability affects the function ASN1 STRING data in the library nova/lib/www/scep.p of the component SCEP Endpoint. The manipulation of the argument transactionID/messageType leads to out-of-bounds read. The attack may be initiat...

7.5CVSS6.9AI score0.003EPSS

Exploits0References5

RedhatCVE•added 2026/03/27 2:26 p.m.•9 views

CVE-2021-27221

MikroTik RouterOS 6.47.9 allows remote authenticated ftp users to create or overwrite arbitrary .rsc files via the /export command. NOTE: the vendor's position is that this is intended behavior because of how user policies work...

8.5CVSS7.3AI score0.04494EPSS

Exploits1References1

Packet Storm•added 2026/02/06 12:0 a.m.•185 views

📄 MikroTik RouterOS WinBox 3.41 Username Enumeration

Proof of concept exploit for MikroTik RouterOS WinBox version 3.41 that demonstrates a username enumeration vulnerability. ============================================================================================================================================= | Title : MikroTik RouterOS WinB...

5.3AI score

Exploits0

Packet Storm•added 2026/01/27 12:0 a.m.•132 views

📄 MikroTik RouterOS 6.40.10 Denial of Service

This exploit targets a vulnerability in the MikroTik RouterOS SMB service, allowing remote attackers to crash the SMB process and render services unavailable. Specially crafted SMB packets trigger an abnormal condition, leading to a denial of service, requiring manual restart or reboot of the...

5.5AI score0.00591EPSS

Exploits7

GithubExploit•added 2026/01/11 4:8 p.m.•214 views

Exploit for Out-of-bounds Write in Mikrotik Routeros

Mikrotik Exploit Scan and Export RouterOS Password A security...

9.8CVSS9.2AI score0.02554EPSS

Exploits2

RedhatCVE•added 2026/01/07 9:30 a.m.•9 views

CVE-2019-16160

An integer underflow in the SMB server of MikroTik RouterOS before 6.45.5 allows remote unauthenticated attackers to crash the service...

7.5CVSS7AI score0.02534EPSS

Exploits0References1

OpenVAS•added 2025/11/07 12:0 a.m.•34 views

MikroTik RouterOS 7.x Buffer Overflow Vulnerability

MikroTik RouterOS is prone to a buffer overflow vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:mikrotik:routeros"...

9CVSS7.4AI score0.00713EPSS

Exploits0References5

RedhatCVE•added 2025/10/28 12:28 a.m.•19 views

CVE-2025-61481

An issue in MikroTik RouterOS v.7.14.2 and SwOS v.2.18 exposes the WebFig management interface over cleartext HTTP by default, allowing an on-path attacker to execute injected JavaScript in the administrator’s browser and intercept credentials...

10CVSS7.1AI score0.00279EPSS

Exploits0References1

EUVD•added 2025/10/27 3:30 p.m.•13 views

EUVD-2025-36192

An issue in MikroTik RouterOS v.7.14.2 and SwitchOS v.2.18 allows a remote attacker to execute arbitrary code via the HTTP- only WebFig management component...

10CVSS7.5AI score0.00279EPSS

Exploits0References4

NVD•added 2025/10/27 2:15 p.m.•7 views

CVE-2025-61481

10CVSS0.00279EPSS

Exploits0References3

CNNVD•added 2025/10/27 12:0 a.m.•9 views

MikroTik RouterOS和MikroTik RouterOS 7 安全漏洞

MikroTik RouterOS and MikroTik RouterOS 7 are both products of the Latvian company MikroTik.MikroTik RouterOS is a router operating system developed on Linux. The system can be deployed in a PC to make it provide router functionality.MikroTik RouterOS 7 is an operating system... A security...

10CVSS7AI score0.00279EPSS

Exploits0References4

Vulnrichment•added 2025/10/27 12:0 a.m.•4 views

CVE-2025-61481

6.8AI score0.00279EPSS

Exploits0References3

Cvelist•added 2025/10/27 12:0 a.m.•21 views

CVE-2025-61481

0.00279EPSS

Exploits0References3

CVE•added 2025/10/27 12:0 a.m.•463 views

CVE-2025-61481

The CVE-2025-61481 entry concerns MikroTik RouterOS v7.14.2 and SwOS v2.18 (also SwitchOS v2.18 in related disclosures) where the WebFig management interface is exposed over cleartext HTTP by default. This misconfiguration allows an on‑path attacker to inject JavaScript in the administrator’s bro...

10CVSS6.8AI score0.00279EPSS

Exploits0References3

Positive Technologies•added 2025/10/15 12:0 a.m.•12 views

PT-2025-43960

Name of the Vulnerable Software and Affected Versions MikroTik RouterOS version 7.14.2 MikroTik SwitchOS version 2.18 Description An issue exists in MikroTik RouterOS and SwitchOS where the WebFig management interface is exposed over cleartext HTTP by default. This allows a remote attacker to...

10CVSS7.8AI score0.00279EPSS

Exploits0References18

EUVD•added 2025/10/07 12:30 a.m.•17 views

EUVD-2017-11155

Malware in sbrugna...

9.8CVSS9.1AI score0.02554EPSS

Exploits2References3

EUVD•added 2025/10/07 12:30 a.m.•6 views

EUVD-2018-2148

Malware in sbrugna...

8.1CVSS8.1AI score0.01049EPSS

Exploits1References2