Routeros Security Vulnerabilities and Issues — Routeros CVE List

Lucene search

MikrotikRouteros

5 matches found

CVE•added 2023/07/19 3:15 p.m.•319 views

CVE-2023-30799

MikroTik RouterOS stable before 6.49.7 and long-term through 6.48.6 are vulnerable to a privilege escalation issue. A remote and authenticated attacker can escalate privileges from admin to super-admin on the Winbox or HTTP interface. The attacker can abuse this vulnerability to execute arbitrary c...

9.1CVSS8.7AI score0.00144EPSS

CVE•added 2023/09/07 4:15 p.m.•237 views

CVE-2023-30800

The web server used by MikroTik RouterOS version 6 is affected by a heap memory corruption issue. A remote and unauthenticated attacker can corrupt the server's heap memory by sending a crafted HTTP request. As a result, the web interface crashes and is immediately restarted. The issue was fixed in...

7.5CVSS7.7AI score0.014EPSS

CVE•added 2023/11/14 11:15 p.m.•179 views

CVE-2023-41570

MikroTik RouterOS v7.1 to 7.11 was discovered to contain incorrect access control mechanisms in place for the Rest API.

5.3CVSS5.3AI score0.00089EPSS

CVE•added 2023/07/12 1:15 p.m.•156 views

CVE-2020-20021

An issue discovered in MikroTik Router v6.46.3 and earlier allows attacker to cause denial of service via misconfiguration in the SSH daemon.

7.5CVSS7.3AI score0.00064EPSS

CVE•added 2023/03/27 2:15 p.m.•75 views

CVE-2023-24094

An issue in the bridge2 component of MikroTik RouterOS v6.40.5 allows attackers to cause a Denial of Service (DoS) via crafted packets.

7.5CVSS7.3AI score0.00042EPSS