993 matches found
Null pointer dereference
Mikrotik RouterOs before stable 6.48.2 suffers from a memory corruption vulnerability in the ptp process. An authenticated remote attacker can cause a Denial of Service NULL pointer dereference...
CVE-2021-36613
Mikrotik RouterOs before stable 6.48.2 suffers from a memory corruption vulnerability in the ptp process. An authenticated remote attacker can cause a Denial of Service NULL pointer dereference...
CVE-2021-36613
MikroTik RouterOS
CVE-2021-36614
The CVE-2021-36614 issue affects MikroTik RouterOS prior to 6.48.2, where the tr069-client component experiences memory corruption that permits an authenticated remote attacker to cause a Denial of Service via a NULL pointer dereference. Documents from Red Hat, Tenable, OpenVAS, CVE listings, and...
CVE-2021-36614
Mikrotik RouterOs before stable 6.48.2 suffers from a memory corruption vulnerability in the tr069-client process. An authenticated remote attacker can cause a Denial of Service NULL pointer dereference...
MikroTik RouterOS 代码问题漏洞
MikroTik RouterOS is a Linux-based router operating system developed by the Latvian company MikroTik. The system can be deployed in a PC to enable it to provide router functionality. A security vulnerability exists in MikroTik RouterOS versions prior to 6.48.2 stable that stems from a memory...
PT-2022-10527 · Mikrotik · Routeros +1
Name of the Vulnerable Software and Affected Versions: Mikrotik RouterOs versions prior to 6.48.2 Description: The issue is related to a memory corruption vulnerability in the tr069-client process. An authenticated remote attacker can cause a Denial of Service due to a NULL pointer dereference...
PT-2022-10526 · Mikrotik · Routeros +1
Name of the Vulnerable Software and Affected Versions: Mikrotik RouterOs versions prior to 6.48.2 Description: The issue is a memory corruption vulnerability in the ptp process. An authenticated remote attacker can cause a Denial of Service NULL pointer dereference. Recommendations: For versions...
MikroTik RouterOS 代码问题漏洞
MikroTik RouterOS is a Linux-based router operating system developed by the Latvian company MikroTik. The system can be deployed in a PC to enable it to provide router functionality. A security vulnerability exists in MikroTik RouterOS versions prior to 6.48.2 stable that stems from a memory...
MikroTik RouterOS RCE Vulnerability (CVE-2021-41987)
MikroTik RouterOS is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
TrickBot Malware Abusing MikroTik Routers as Proxies for Command-and-Control
Microsoft on Wednesday detailed a previously undiscovered technique put to use by the TrickBot malware that involves using compromised Internet of Things IoT devices as a go-between for establishing communications with the command-and-control C2 servers. "By using MikroTik routers as proxy server...
CVE-2021-41987
In the SCEP Server of RouterOS in certain Mikrotik products, an attacker can trigger a heap-based buffer overflow that leads to remote code execution. The attacker must know the scepservername value. This affects RouterOS 6.46.8, 6.47.9, and 6.47.10...
CVE-2021-41987
In the SCEP Server of RouterOS in certain Mikrotik products, an attacker can trigger a heap-based buffer overflow that leads to remote code execution. The attacker must know the scepservername value. This affects RouterOS 6.46.8, 6.47.9, and 6.47.10...
Heap overflow
In the SCEP Server of RouterOS in certain Mikrotik products, an attacker can trigger a heap-based buffer overflow that leads to remote code execution. The attacker must know the scepservername value. This affects RouterOS 6.46.8, 6.47.9, and 6.47.10...
Uncovering Trickbot’s use of IoT devices in command-and-control infrastructure
Trickbot, a sophisticated trojan that has evolved significantly since its discovery in 2016, has continually expanded its capabilities and, even with disruption efforts and news of its infrastructure going offline, it has managed to remain one of the most persistent threats in recent years. The...
CVE-2021-41987
The vulnerability CVE-2021-41987 affects MikroTik RouterOS SCEP Server in specific releases (RouterOS 6.46.8, 6.47.9, 6.47.10). A heap-based buffer overflow can be triggered by an attacker who knows the scep_server_name value, leading to remote code execution. Multiple sources (NVD entry and Red ...
CVE-2021-41987
In the SCEP Server of RouterOS in certain Mikrotik products, an attacker can trigger a heap-based buffer overflow that leads to remote code execution. The attacker must know the scepservername value. This affects RouterOS 6.46.8, 6.47.9, and 6.47.10...
MikroTik RouterOS 缓冲区错误漏洞
MikroTik RouterOS is a Linux-based router operating system developed by the Latvian company MikroTik. The system can be deployed in a PC to enable it to provide router functionality. MikroTik RouterOS suffers from a buffer error vulnerability that stems from a heap-based buffer overflow in the SC...
The vulnerability of the RouterOS operating system in MikroTik routers allows a hacker to cause a service failure.
The vulnerability of the RouterOS operating system for MikroTik routers lies in the fact that operations are performed outside of the buffer in memory. Exploiting this vulnerability allows a malicious actor to cause a service failure through a specially crafted FTP request...
The vulnerability of the RouterOS operating system in MikroTik routers allows a hacker to cause a service failure.
The vulnerability of the RouterOS operating system for MikroTik routers lies in the fact that operations are performed outside of the buffer in memory. Exploiting this vulnerability allows a malicious actor to cause a service failure by sending a specially crafted SMB request...