Routeros Security Vulnerabilities and Issues — Routeros CVE List

Lucene search

MikrotikRouteros

5 matches found

CVE•added 2018/08/02 7:29 a.m.•1600 views

CVE-2018-14847

MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers to write arbitrary files due to a directory traversal vulnerability in the WinBox interface.

9.1CVSS8.9AI score0.92587EPSS

CVE•added 2018/08/23 7:29 p.m.•135 views

CVE-2018-1157

Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to a memory exhaustion vulnerability. An authenticated remote attacker can crash the HTTP server and in some circumstances reboot the system via a crafted HTTP POST request.

6.8CVSS6.7AI score0.02196EPSS

CVE•added 2018/08/23 7:29 p.m.•100 views

CVE-2018-1156

Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to stack buffer overflow through the license upgrade interface. This vulnerability could theoretically allow a remote authenticated attacker execute arbitrary code on the system.

9CVSS8.7AI score0.04264EPSS

CVE•added 2018/08/23 7:29 p.m.•76 views

CVE-2018-1159

Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to a memory corruption vulnerability. An authenticated remote attacker can crash the HTTP server by rapidly authenticating and disconnecting.

6.5CVSS7.5AI score0.01026EPSS

CVE•added 2018/08/23 7:29 p.m.•70 views

CVE-2018-1158

Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to a stack exhaustion vulnerability. An authenticated remote attacker can crash the HTTP server via recursive parsing of JSON.

6.5CVSS6.9AI score0.01321EPSS