Denial of Service Vulnerability in MikroTik RouterOS

MikroTik RouterOS is a Linux-based router operating system developed by the Latvian company MikroTik. The system can be deployed in a PC to enable it to provide router functionality. MikroTik RouterOS suffers from a denial of service vulnerability that can be exploited by an attacker to cause the...

Mikrotik RouterOS NULL Pointer Dereference / Reachable Assertion Failure Vulnerabilities

Mikrotik RouterOS NULL Pointer Dereference / Reachable Assertion Failure Details ======= Product: MikroTik's RouterOS Vendor URL: https://mikrotik.com/ Vendor Status: fixed version released CVE: - Credit: Qian Chen@cq674350529 of Qihoo 360 Nirvan Team Product Description ================== Router...

Mikrotik Gather Device General Information

This module collects Mikrotik device information and configuration. This module has been tested against RouterOS 6.45.9. Module Options msf use post/networking/gather/enummikrotik msf postenummikrotik show actions ...actions... msf postenummikrotik set ACTION msf postenummikrotik show options...

Mikrotik Configuration Importer

This module imports a Mikrotik device configuration. Module Options msf use auxiliary/admin/networking/mikrotikconfig msf auxiliarymikrotikconfig show actions ...actions... msf auxiliarymikrotikconfig set ACTION msf auxiliarymikrotikconfig show options ...show and set options... msf...

The vulnerability of the RouterOS operating system’s Traceroute service allows a hacker to cause a service failure.

The vulnerability of the RouterOS operating system’s Traceroute service is related to the execution of operations beyond the buffer limits in memory. Exploiting this vulnerability allows a malicious actor to cause a service failure by sending a specially crafted packet...

The vulnerability of the CERM Crypto Export Restrictions Manager implementation in the RouterOS operating system of MikroTik allows a perpetrator to trigger a service failure.

The vulnerability of the CERM Crypto Export Restrictions Manager implementation in the RouterOS operating system of MikroTik relates to the uncontrolled use of resources. Exploiting this vulnerability could allow a malicious actor to cause service interruptions by sending a specially crafted...

MikroTik RouterOS Null Pointer Dereference / Division-By-Zero Vulnerability

MikroTik RouterOS versions prior to stable 6.47 suffer from multiple null pointer dereference vulnerabilities and one division-by-zero vulnerability. MikroTik RouterOS Null Pointer Dereference / Division-By-Zero Vulnerability Details ======= Product: MikroTik's RouterOS Affected Versions: through...

Exploit for Improper Validation of Array Index in Mikrotik Routeros

CVE-2020-11881 MikroTik SMB Remote Denial of Service DoS...

MikroTik RouterOS Denial Of Service / Memory Corruption Vulnerability

MikroTik RouterOS suffers from two vulnerabilities. The cerm process suffers from an uncontrolled resource consumption issue. By sending a crafted packet, an authenticated remote user can cause a high cpu load, which may make the device respond slowly or unable to respond. Versions until stable...

MikroTik RouterOS <= 6.44.3 DoS Vulnerability

MikroTik RouterOS is prone to a denial of service DoS vulnerability in the SSH daemon. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

MikroTik RouterOS DNS Cache Poisoning (CVE-2019-3978)

Binary data mikrotikcve-2019-3978.nbin...

PT-2020-6923 · Mikrotik · Mikrotik Routeros

Name of the Vulnerable Software and Affected Versions: MikroTik Router versions 6.46.3 and earlier Description: The issue allows an attacker to cause a denial of service via misconfiguration in the SSH daemon, potentially leading to uncontrolled resource consumption. This can be exploited by a...

CVE-2018-5951

An issue was discovered in Mikrotik RouterOS. Crafting a packet that has a size of 1 byte and sending it to an IPv6 address of a RouterOS box with IP Protocol 97 will cause RouterOS to reboot imminently. All versions of RouterOS that supports EoIPv6 are vulnerable to this attack...

Code injection

An issue was discovered in Mikrotik RouterOS. Crafting a packet that has a size of 1 byte and sending it to an IPv6 address of a RouterOS box with IP Protocol 97 will cause RouterOS to reboot imminently. All versions of RouterOS that supports EoIPv6 are vulnerable to this attack...

CVE-2018-5951

MikroTik RouterOS is affected by CVE-2018-5951. The issue arises when a 1-byte packet is crafted and sent to a RouterOS IPv6 address using IP Protocol 97, which will cause the RouterOS device to reboot imminently. All RouterOS versions that support EoIPv6 are vulnerable. Connected documents confi...

CVE-2018-5951

An issue was discovered in Mikrotik RouterOS. Crafting a packet that has a size of 1 byte and sending it to an IPv6 address of a RouterOS box with IP Protocol 97 will cause RouterOS to reboot imminently. All versions of RouterOS that supports EoIPv6 are vulnerable to this attack...

MikroTik WinBox Path Traversal Vulnerability

MikroTik RouterOS is a routing operating system, developed based on the Linux kernel, compatible with x86 PC routing software, through which a standard PC computer can be turned into a professional router.Winbox is a Windows-based software for remote management of RouterOS, providing an intuitive...

The vulnerability of the RouterOS operating system in MikroTik routers, related to the assignment of the zero pointer, allows a hacker to cause a service failure.

The vulnerability of the RouterOS operating system for MikroTik routers exists due to insufficient testing of input data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service failures using a specially created package...

MikroTik's RouterOS Console Process Memory Corruption Vulnerability

RouterOS is the operating system used on MikroTik devices such as switches, routers and access points. A memory corruption vulnerability exists in MikroTik's RouterOS console process. A null pointer reference that allows an authenticated remote attacker to send a carefully crafted packet causes t...

MikroTik's RouterOS Console Process Assertion Failure Vulnerability

RouterOS is the operating system used on MikroTik devices such as switches, routers and access points. A memory corruption vulnerability exists in MikroTik's RouterOS console process. A remote attacker who allows authentication could crash the console process by sending carefully crafted packets...