Routeros Security Vulnerabilities and Issues — Routeros CVE List

Lucene search

MikrotikRouteros

5 matches found

CVE•added 2020/03/23 4:15 p.m.•131 views

CVE-2020-10364

The SSH daemon on MikroTik routers through v6.44.3 could allow remote attackers to generate CPU activity, trigger refusal of new authorized connections, and cause a reboot via connect and write system calls, because of uncontrolled resource management.

7.8CVSS7.5AI score0.02151EPSS

CVE•added 2020/09/14 9:15 p.m.•128 views

CVE-2020-11881

An array index error in MikroTik RouterOS 6.41.3 through 6.46.5, and 7.x through 7.0 Beta5, allows an unauthenticated remote attacker to crash the SMB server via modified setup-request packets, aka SUP-12964.

7.5CVSS7.5AI score0.21166EPSS

CVE•added 2020/10/07 4:15 p.m.•125 views

CVE-2019-16160

An integer underflow in the SMB server of MikroTik RouterOS before 6.45.5 allows remote unauthenticated attackers to crash the service.

7.5CVSS7.5AI score0.01761EPSS

CVE•added 2020/03/02 10:15 p.m.•66 views

CVE-2018-5951

An issue was discovered in Mikrotik RouterOS. Crafting a packet that has a size of 1 byte and sending it to an IPv6 address of a RouterOS box with IP Protocol 97 will cause RouterOS to reboot imminently. All versions of RouterOS that supports EoIPv6 are vulnerable to this attack.

7.5CVSS7.4AI score0.15503EPSS

CVE•added 2020/01/14 7:15 p.m.•43 views

CVE-2019-3981

MikroTik Winbox 3.20 and below is vulnerable to man in the middle attacks. A man in the middle can downgrade the client's authentication protocol and recover the user's username and MD5 hashed password.

4.3CVSS4.4AI score0.00323EPSS