993 matches found
MikroTik RouterOS 6.40.5 - 6.44, 6.48.1 - 6.49.10 DoS Vulnerability
MikroTik RouterOS is prone to a denial of service (DoS) vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
RouterOS 6.44 / 6.49.10 Denial Of Service
Exploit Title: CVE-2024-27686: RouterOS-SMB-DOS Google Dork: N/A Date: 03/04/2024 Exploit Author: ice-wzl, Solstice Cyber Solutions Vendor Homepage: https://mikrotik.com/ Software Link: https://mikrotik.com/download/archive Version: RouterOS devices ranging from 6.40.5 - 6.44 and 6.48.1 - 6.49.10...
RouterOS 6.40.5 - 6.44 and 6.48.1 - 6.49.10 - Denial of Service
Exploit Title: CVE-2024-27686: RouterOS-SMB-DOS Google Dork: N/A Date: 03/04/2024 Exploit Author: ice-wzl, Solstice Cyber Solutions Vendor Homepage: https://mikrotik.com/ Software Link: https://mikrotik.com/download/archive Version: RouterOS devices ranging from 6.40.5 - 6.44 and 6.48.1 - 6.49.10...
MikroTik RouterOS Download of Code Without Integrity Check (CVE-2019-3977)
RouterOS 6.45.6 Stable, RouterOS 6.44.5 Long-term, and below insufficiently validate where upgrade packages are downloaded from when using the autoupgrade feature. Therefore, a remote attacker can trick the router into upgrading to an older version of RouterOS and possibly resetting all the system's...
MikroTik RouterOS Improper Access Control (CVE-2021-27221)
MikroTik RouterOS 6.47.9 allows remote authenticated FTP users to create or overwrite arbitrary .rsc files via the /export command. NOTE: the vendor's position is that this is intended behavior because of how user policies work. This plugin only works with Tenable.ot. Please visit...
MikroTik RouterOS Out-of-Bounds Read in SNMP (CVE-2022-45315)
MikroTik RouterOS before stable v7.6 was discovered to contain an out-of-bounds read in the snmp process. This vulnerability allows authenticated attackers to execute arbitrary code via a crafted packet. This plugin only works with Tenable.ot. Please visit...
MikroTik RouterOS Reachable Assertion (CVE-2020-20225)
MikroTik RouterOS before 6.47 stable tree suffers from an assertion failure vulnerability in the /nova/bin/user process. An authenticated remote attacker can cause a Denial of Service due to an assertion failure via a crafted packet. This plugin only works with Tenable.ot. Please visit...
MikroTik RouterOS Uncontrolled Resource Consumption (CVE-2017-6444)
The MikroTik Router hAP Lite 6.25 has no protection mechanism for unsolicited TCP ACK packets in the case of a fast network connection, which allows remote attackers to cause a denial of service (CPU consumption) by sending many ACK packets. After the attacker stops the exploit, the CPU usage is 10...
MikroTik RouterOS Improper Access Control (CVE-2023-41570)
MikroTik RouterOS v7.1 to 7.11 was discovered to contain incorrect access control mechanisms in place for the REST API. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information.
MikroTik RouterOS Out-of-bounds Write (CVE-2021-41987)
In the SCEP Server of RouterOS in certain MikroTik products, an attacker can trigger a heap-based buffer overflow that leads to remote code execution. The attacker must know the scepservername value. This affects RouterOS 6.46.8, 6.47.9, and 6.47.10. This plugin only works with Tenable.ot. Please...
MikroTik RouterOS Out-of-bounds Write (CVE-2023-30800)
The web server used by MikroTik RouterOS version 6 is affected by a heap memory corruption issue. A remote and unauthenticated attacker can corrupt the server's heap memory by sending a crafted HTTP request. As a result, the web interface crashes and is immediately restarted. The issue was fixed ...
MikroTik RouterOS Out-of-bounds Write (CVE-2020-20265)
MikroTik RouterOS before 6.47 stable tree suffers from a memory corruption vulnerability in the /ram/pckg/wireless/nova/bin/wireless process. An authenticated remote attacker can cause a Denial of Service via a crafted packet. This plugin only works with Tenable.ot. Please visit...
MikroTik RouterOS Uncontrolled Recursion (CVE-2018-1158)
MikroTik RouterOS before 6.42.7 and 6.40.9 is vulnerable to a stack exhaustion vulnerability. An authenticated remote attacker can crash the HTTP server via recursive parsing of JSON. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...
MikroTik RouterOS NULL Pointer Dereference (CVE-2021-36613)
MikroTik RouterOS before stable 6.48.2 suffers from a memory corruption vulnerability in the ptp process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference). This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for...
MikroTik RouterOS Out-of-bounds Write (CVE-2020-20245)
MikroTik RouterOS stable 6.46.3 suffers from a memory corruption vulnerability in the log process. An authenticated remote attacker can cause a Denial of Service due to improper memory access. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for mor...
MikroTik RouterOS Allocation of Resources Without Limits or Throttling (CVE-2019-13074)
A vulnerability in the FTP daemon on MikroTik routers through 6.44.3 could allow remote attackers to exhaust all available memory, causing the device to reboot because of uncontrolled resource management. This plugin only works with Tenable.ot. Please visit...
MikroTik RouterOS Path Traversal (CVE-2019-3943)
MikroTik RouterOS versions Stable 6.43.12 and below, Long-term 6.42.12 and below, and Testing 6.44beta75 and below are vulnerable to an authenticated, remote directory traversal via the HTTP or Winbox interfaces. An authenticated, remote attacker can use this vulnerability to read and write files...
MikroTik RouterOS Out-of-bounds Write (CVE-2023-24094)
An issue in the bridge2 component of MikroTik RouterOS v6.40.5 allows attackers to cause a Denial of Service (DoS) via crafted packets. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information.
MikroTik RouterOS Path Traversal (CVE-2019-3976)
RouterOS 6.45.6 Stable, RouterOS 6.44.5 Long-term, and below are vulnerable to an arbitrary directory creation vulnerability via the upgrade package's name field. If an authenticated user installs a malicious package then a directory could be created and the developer shell could be enabled. This...
MikroTik RouterOS Allocation of Resources Without Limits or Throttling (CVE-2020-10364)
The SSH daemon on MikroTik routers through v6.44.3 could allow remote attackers to generate CPU activity, trigger refusal of new authorized connections, and cause a reboot via connect and write system calls, because of uncontrolled resource management. This plugin only works with Tenable.ot. Plea...