MikroTik RouterOS 缓冲区错误漏洞

MikroTik RouterOS is a Linux-based router operating system developed by the Latvian company MikroTik. The system can be deployed in a PC to enable it to provide router functionality. MikroTik RouterOS has a memory corruption vulnerability in the /nova/bin/traceroute process. A remote attacker cou...

Exploit for Path Traversal in Mikrotik Routeros

WinboxExploit This is a proof of concept of the critical WinBo...

The vulnerability of the RouterOS operating system in MikroTik routers allows a hacker to compromise the integrity and accessibility of protected information.

The vulnerability of the RouterOS operating system for MikroTik routers lies in the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to compromise the integrity and accessibility of the protected information...

Unspecified Vulnerability in MikroTik RouterOS

MikroTik RouterOS is a Linux-based router operating system developed by the Latvian company MikroTik. The system can be deployed in a PC to enable it to provide router functionality. A security vulnerability exists in MikroTik RouterOS version 6.47.9 that allows remote authenticated ftp users to...

CVE-2021-27221

MikroTik RouterOS 6.47.9 allows remote authenticated ftp users to create or overwrite arbitrary .rsc files via the /export command. NOTE: the vendor's position is that this is intended behavior because of how user policies work...

CVE-2021-27221

MikroTik RouterOS 6.47.9 allows remote authenticated ftp users to create or overwrite arbitrary .rsc files via the /export command. NOTE: the vendor's position is that this is intended behavior because of how user policies work...

CVE-2021-27221

MikroTik RouterOS 6.47.9 allows remote authenticated ftp users to create or overwrite arbitrary .rsc files via the /export command. NOTE: the vendor's position is that this is intended behavior because of how user policies work...

CVE-2021-27221

CVE-2021-27221 — MikroTik RouterOS 6.47.9 permits remote authenticated FTP users to create or overwrite arbitrary .rsc files via the /export command. The issue is framed by MikroTik as intended behavior due to user policy design, and multiple connected sources corroborate the impact on file creat...

PT-2021-2491 · Mikrotik · Mikrotik Routeros

Name of the Vulnerable Software and Affected Versions: MikroTik RouterOS version 6.47.9 Description: The issue allows remote authenticated ftp users to create or overwrite arbitrary .rsc files via the /export command. It is noted that the vendor considers this behavior as intended due to how user...

MikroTik RouterOS 命令注入漏洞

MikroTik RouterOS is a Linux-based router operating system developed by the Latvian company MikroTik. The system can be deployed in a PC to enable it to provide router functionality. A security vulnerability exists in MikroTik RouterOS version 6.47.9 that allows remote authenticated ftp users to...

Mikrotik RouterOS v6.48 suffers from a denial of service vulnerability

MikroTik RouterOS is a Linux-based router operating system developed by the Latvian company MikroTik. The system can be deployed in a PC to enable it to provide router functionality. A denial of service vulnerability exists in Mikrotik RouterOS v6.48, which can be exploited by an attacker to caus...

MikroTik RouterOS Cross-Site Scripting Vulnerability (CNVD-2021-01532)

MikroTik RouterOS is the operating system for the MikroTik RouterBOARD hardware. A reflected cross-site scripting vulnerability exists in the hotspot login page in MikroTik RouterOS 2021-01-04 and earlier. An attacker can exploit this vulnerability via the target parameter to conduct a cross-site...

CVE-2021-3014

In MikroTik RouterOS through 2021-01-04, the hotspot login page is vulnerable to reflected XSS via the target parameter...

CVE-2021-3014

In MikroTik RouterOS through 2021-01-04, the hotspot login page is vulnerable to reflected XSS via the target parameter...

Cross site scripting

In MikroTik RouterOS through 2021-01-04, the hotspot login page is vulnerable to reflected XSS via the target parameter...

CVE-2021-3014

CVE-2021-3014 affects MikroTik RouterOS (through 2021-01-04) with a reflected XSS vulnerability in the hotspot login page, exploitable via the target parameter. The affected component is the hotspot login page; the underlying issue is reflected XSS. Publicly available references in the connected ...

CVE-2021-3014

In MikroTik RouterOS through 2021-01-04, the hotspot login page is vulnerable to reflected XSS via the target parameter...

Mikrotik MikroTik RouterOS 跨站脚本漏洞

MikroTik RouterOS is the operating system for the MikroTik RouterBOARD hardware. A reflected cross-site scripting vulnerability exists in the hotspot login page in MikroTik RouterOS 2021-01-04 and earlier. An attacker can exploit this vulnerability via the target parameter to conduct a cross-site...

GHSA-7WWV-VH3V-89CQ ReDOS vulnerabities: multiple grammars

Impact: Potential ReDOS vulnerabilities exponential and polynomial RegEx backtracking oswasp: The Regular expression Denial of Service ReDoS is a Denial of Service attack, that exploits the fact that most Regular Expression implementations may reach extreme situations that cause them to work very...

VulnCheck KEV: CVE-2018-14847

MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers to write arbitrary files due to a directory traversal vulnerability in the WinBox interface...