The vulnerability of the application software interface of the RouterOS operating system for MikroTik routers allows a hacker to disclose protected information.

The vulnerability of the application software interface of the RouterOS operating system for MikroTik routers is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information...

MikroTik RouterOS 7.1 < 7.12 Access Control Vulnerability

MikroTik RouterOS is prone to an access control vulnerability in the REST API. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2023-41570

MikroTik RouterOS v7.1 to 7.11 was discovered to contain incorrect access control mechanisms in place for the Rest API...

CVE-2023-41570

MikroTik RouterOS v7.1 to 7.11 was discovered to contain incorrect access control mechanisms in place for the Rest API...

CVE-2023-41570

MikroTik RouterOS v7.1 to 7.11 was discovered to contain incorrect access control mechanisms in place for the Rest API...

Design/Logic Flaw

MikroTik RouterOS v7.1 to 7.11 was discovered to contain incorrect access control mechanisms in place for the Rest API...

CVE-2023-41570

MikroTik RouterOS v7.1 to 7.11 was discovered to contain incorrect access control mechanisms in place for the Rest API...

CVE-2023-41570

MikroTik RouterOS v7.1 to 7.11 was discovered to contain incorrect access control mechanisms in place for the Rest API...

MikroTik RouterOS Security Vulnerability

MikroTik RouterOS is a Linux-based router operating system developed by the Latvian company MikroTik. The system can be deployed in PCs to enable them to provide router functionality. A security vulnerability exists in MikroTik RouterOS versions v7.1 through 7.11 that stems from the presence of a...

CVE-2023-41570

Affected product/versions: MikroTik RouterOS 7.1–7.11. Vulnerability: Incorrect Rest API access control mechanisms, enabling potential unauthorized information disclosure. Root cause: improper access control in the Rest API. Impact: Network-exposed vulnerability with high confidentiality impact; ...

The vulnerability of the SSH daemon on the RouterOS operating system, specifically the hAP lite router, allows a hacker to cause a service failure.

The vulnerability of the SSH daemon in the RouterOS operating system, specifically the hAP lite router, is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service interruptions remotely...

MikroTik RouterOS 6.0.0 < 6.48.8, 6.49.x < 6.49.10 DoS Vulnerability

MikroTik RouterOS is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

The vulnerability of the JSProxy web server on the RouterOS operating system of MikroTik routers allows a hacker to cause a service failure.

The vulnerability of the JSProxy web server on the RouterOS operating system of MikroTik devices relates to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a malicious actor to cause service interruptions by sending specially crafted HTTP reques...

CVE-2023-30800

The web server used by MikroTik RouterOS version 6 is affected by a heap memory corruption issue. A remote and unauthenticated attacker can corrupt the server's heap memory by sending a crafted HTTP request. As a result, the web interface crashes and is immediately restarted. The issue was fixed ...

CVE-2023-30800

The web server used by MikroTik RouterOS version 6 is affected by a heap memory corruption issue. A remote and unauthenticated attacker can corrupt the server's heap memory by sending a crafted HTTP request. As a result, the web interface crashes and is immediately restarted. The issue was fixed ...

Memory corruption

The web server used by MikroTik RouterOS version 6 is affected by a heap memory corruption issue. A remote and unauthenticated attacker can corrupt the server's heap memory by sending a crafted HTTP request. As a result, the web interface crashes and is immediately restarted. The issue was fixed ...

CVE-2023-30800 MikroTik RouterOS Web Interface Heap Corruption

The web server used by MikroTik RouterOS version 6 is affected by a heap memory corruption issue. A remote and unauthenticated attacker can corrupt the server's heap memory by sending a crafted HTTP request. As a result, the web interface crashes and is immediately restarted. The issue was fixed ...

CVE-2023-30800 MikroTik RouterOS Web Interface Heap Corruption

The web server used by MikroTik RouterOS version 6 is affected by a heap memory corruption issue. A remote and unauthenticated attacker can corrupt the server's heap memory by sending a crafted HTTP request. As a result, the web interface crashes and is immediately restarted. The issue was fixed ...

CVE-2023-30800

The CVE-2023-30800 entry concerns MikroTik RouterOS web interface heap memory corruption on the RouterOS web server, affecting versions prior to 6.49.10. A remote, unauthenticated attacker can trigger the issue via a crafted HTTP request, causing the web interface to crash and restart. The vulner...

MikroTik RouterOS Buffer Error Vulnerability

MikroTik RouterOS is a Linux-based router operating system developed by the Latvian company MikroTik. The system can be deployed in PCs to enable them to provide router functionality. A security vulnerability exists in MikroTik RouterOS versions prior to 6.49.1, which stems from the presence of a...