2 matches found
MikroTik RouterOs Reachable Assertion (CVE-2020-20211)
Mikrotik RouterOs 6.44.5 long-term tree suffers from an assertion failure vulnerability in the /nova/bin/console process. An authenticated remote attacker can cause a Denial of Service due to an assertion failure via a crafted packet. This plugin only works with Tenable.ot. Please visit...
CVE-2019-3977
RouterOS 6.45.6 Stable, RouterOS 6.44.5 Long-term, and below insufficiently validate where upgrade packages are download from when using the autoupgrade feature. Therefore, a remote attacker can trick the router into "upgrading" to an older version of RouterOS and possibly reseting all the system...