
993 matches found

Tenable Nessus
added 2024/02/27 12:0 a.m. | 50 views

MikroTik RouterOS Improper Limitation of a Pathname to a Restricted Directory (CVE-2018-14847)

MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers to write arbitrary files due to a directory traversal vulnerability in the WinBox interface. This plugin only works with Tenable.ot. Please visit...

CVSS 9.1 | AI score 8.8 | EPSS 0.96087
Exploits: 23 | References: 7

Tenable Nessus
added 2024/02/27 12:0 a.m. | 22 views

MikroTik RouterOS Uncontrolled Resource Consumption (CVE-2017-6444)

The MikroTik Router hAP Lite 6.25 has no protection mechanism for unsolicited TCP ACK packets in the case of a fast network connection, which allows remote attackers to cause a denial of service (CPU consumption) by sending many ACK packets. After the attacker stops the exploit, the CPU usage is 10...

CVSS 7.8 | AI score 7.2 | EPSS 0.13486
Exploits: 3 | References: 5

Tenable Nessus
added 2024/02/27 12:0 a.m. | 16 views

MikroTik RouterOS Missing Release of Memory after Effective Lifetime (CVE-2020-22844)

A buffer overflow in Mikrotik RouterOS 6.47 allows unauthenticated attackers to cause a denial of service (DOS) via crafted SMB requests. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information.

CVSS 7.5 | AI score 7.6 | EPSS 0.01185
Exploits: 0 | References: 3

Tenable Nessus
added 2024/02/27 12:0 a.m. | 281 views

MikroTik RouterOS Improper Privilege Management (CVE-2023-30799)

MikroTik RouterOS stable before 6.49.7 and long-term through 6.48.6 are vulnerable to a privilege escalation issue. A remote and authenticated attacker can escalate privileges from admin to super-admin on the Winbox or HTTP interface. The attacker can abuse this vulnerability to execute arbitrar...

CVSS 9.1 | AI score 8.5 | EPSS 0.01313
Exploits: 0 | References: 3

Tenable Nessus
added 2024/02/27 12:0 a.m. | 34 views

MikroTik RouterOs Reachable Assertion (CVE-2020-20214)

Mikrotik RouterOs 6.44.6 long-term tree suffers from an assertion failure vulnerability in the btest process. An authenticated remote attacker can cause a Denial of Service due to an assertion failure via a crafted packet. This plugin only works with Tenable.ot. Please visit...

CVSS 6.5 | AI score 6.6 | EPSS 0.03108
Exploits: 1 | References: 4

Tenable Nessus
added 2024/02/27 12:0 a.m. | 16 views

MikroTik RouterOs Divide By Zero (CVE-2020-20264)

Mikrotik RouterOs before 6.47 stable tree in the /ram/pckg/advanced-tools/nova/bin/netwatch process. An authenticated remote attacker can cause a Denial of Service due to a divide by zero error. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for...

CVSS 6.5 | AI score 6.7 | EPSS 0.02098
Exploits: 1 | References: 3

Tenable Nessus
added 2024/02/27 12:0 a.m. | 16 views

MikroTik RouterOs Out-of-bounds Write (CVE-2020-20218)

Mikrotik RouterOs 6.44.6 long-term tree suffers from a memory corruption vulnerability in the /nova/bin/traceroute process. An authenticated remote attacker can cause a Denial of Service due via the loop counter variable. This plugin only works with Tenable.ot. Please visit...

CVSS 6.5 | AI score 6.6 | EPSS 0.01955
Exploits: 1 | References: 3

Tenable Nessus
added 2024/02/27 12:0 a.m. | 19 views

MikroTik RouterOs NULL Pointer Dereference (CVE-2020-20252)

Mikrotik RouterOs before stable version 6.47 suffers from a memory corruption vulnerability in the /nova/bin/lcdstat process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference). This plugin only works with Tenable.ot. Please visit...

CVSS 6.5 | AI score 6.6 | EPSS 0.01626
Exploits: 1 | References: 2

Tenable Nessus
added 2024/02/27 12:0 a.m. | 21 views

MikroTik RouterOs Out-of-bounds Write (CVE-2020-20249)

Mikrotik RouterOs before stable 6.47 suffers from a memory corruption vulnerability in the resolver process. By sending a crafted packet, an authenticated remote attacker can cause a Denial of Service. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-o...

CVSS 6.5 | AI score 6.6 | EPSS 0.01754
Exploits: 1 | References: 2

Tenable Nessus
added 2024/02/27 12:0 a.m. | 35 views

MikroTik RouterOs NULL Pointer Dereference (CVE-2021-36613)

Mikrotik RouterOs before stable 6.48.2 suffers from a memory corruption vulnerability in the ptp process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference). This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for...

CVSS 6.5 | AI score 6.5 | EPSS 0.02094
Exploits: 1 | References: 3

Tenable Nessus
added 2024/02/27 12:0 a.m. | 15 views

MikroTik RouterOs Out-of-bounds Write (CVE-2020-20245)

Mikrotik RouterOs stable 6.46.3 suffers from a memory corruption vulnerability in the log process. An authenticated remote attacker can cause a Denial of Service due to improper memory access. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for mor...

CVSS 6.5 | AI score 6.6 | EPSS 0.02737
Exploits: 1 | References: 4

Tenable Nessus
added 2024/02/27 12:0 a.m. | 12 views

MikroTik RouterOs Out-of-bounds Write (CVE-2020-20215)

Mikrotik RouterOs 6.44.6 long-term tree suffers from a memory corruption vulnerability in the /nova/bin/diskd process. An authenticated remote attacker can cause a Denial of Service due to invalid memory access. This plugin only works with Tenable.ot. Please visit...

CVSS 6.5 | AI score 6.6 | EPSS 0.01547
Exploits: 0 | References: 3

Tenable Nessus
added 2024/02/27 12:0 a.m. | 31 views

MikroTik RouterOS Allocation of Resources Without Limits or Throttling (CVE-2019-13074)

A vulnerability in the FTP daemon on MikroTik routers through 6.44.3 could allow remote attackers to exhaust all available memory, causing the device to reboot because of uncontrolled resource management. This plugin only works with Tenable.ot. Please visit...

CVSS 7.8 | AI score 7.5 | EPSS 0.02046
Exploits: 0 | References: 3

Tenable Nessus
added 2024/02/27 12:0 a.m. | 42 views

MikroTik RouterOS Path Traversal (CVE-2019-3976)

RouterOS 6.45.6 Stable, RouterOS 6.44.5 Long-term, and below are vulnerable to an arbitrary directory creation vulnerability via the upgrade package's name field. If an authenticated user installs a malicious package then a directory could be created and the developer shell could be enabled. This...

CVSS 8.8 | AI score 8.1 | EPSS 0.01744
Exploits: 0 | References: 2

Tenable Nessus
added 2024/02/27 12:0 a.m. | 26 views

MikroTik RouterOS Out-of-bounds Write (CVE-2023-24094)

An issue in the bridge2 component of MikroTik RouterOS v6.40.5 allows attackers to cause a Denial of Service (DoS) via crafted packets. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information.

CVSS 7.5 | AI score 7.3 | EPSS 0.01109
Exploits: 1 | References: 4

Tenable Nessus
added 2024/02/27 12:0 a.m. | 18 views

MikroTik RouterOs NULL Pointer Dereference (CVE-2020-20250)

Mikrotik RouterOs before stable version 6.47 suffers from a memory corruption vulnerability in the /nova/bin/lcdstat process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference). NOTE: this is different from CVE-2020-20253 and CVE-2020-20254. All four...

CVSS 6.5 | AI score 6.5 | EPSS 0.02098
Exploits: 3 | References: 3

Tenable Nessus
added 2024/02/27 12:0 a.m. | 22 views

MikroTik RouterOS Uncontrolled Recursion (CVE-2018-1158)

Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to a stack exhaustion vulnerability. An authenticated remote attacker can crash the HTTP server via recursive parsing of JSON. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

CVSS 6.5 | AI score 7.5 | EPSS 0.02483
Exploits: 1 | References: 5

Tenable Nessus
added 2024/02/27 12:0 a.m. | 28 views

MikroTik RouterOS Allocation of Resources Without Limits or Throttling (CVE-2020-10364)

The SSH daemon on MikroTik routers through v6.44.3 could allow remote attackers to generate CPU activity, trigger refusal of new authorized connections, and cause a reboot via connect and write system calls, because of uncontrolled resource management. This plugin only works with Tenable.ot. Plea...

CVSS 7.8 | AI score 7.2 | EPSS 0.02594
Exploits: 1 | References: 3

Tenable Nessus
added 2024/02/27 12:0 a.m. | 48 views

MikroTik RouterOS Path Traversal (CVE-2019-3943)

MikroTik RouterOS versions Stable 6.43.12 and below, Long-term 6.42.12 and below, and Testing 6.44beta75 and below are vulnerable to an authenticated, remote directory traversal via the HTTP or Winbox interfaces. An authenticated, remote attacker can use this vulnerability to read and write files...

CVSS 8.1 | AI score 7.8 | EPSS 0.03736
Exploits: 5 | References: 2

GithubExploit
added 2024/02/22 3:36 p.m. | 6 views

RouterOS-SMB-DOS-POC

CVE-2024-27686: RouterOS-SMB-DOS-POC Update As of 3/4/24 Mit...

AI score 5.8 | EPSS 0.00591
Exploits: 7