Filtered by vendor Mikrotik
Subscriptions
Total
89 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-13954 | 1 Mikrotik | 1 Routeros | 2024-11-21 | N/A |
| Mikrotik RouterOS before 6.44.5 (long-term release tree) is vulnerable to memory exhaustion. By sending a crafted HTTP request, an authenticated remote attacker can crash the HTTP server and in some circumstances reboot the system. Malicious code cannot be injected. | ||||
| CVE-2019-13074 | 1 Mikrotik | 26 Ccr1009-7g-1c-1s\+, Ccr1009-7g-1c-1s\+pc, Ccr1009-7g-1c-pc and 23 more | 2024-11-21 | N/A |
| A vulnerability in the FTP daemon on MikroTik routers through 6.44.3 could allow remote attackers to exhaust all available memory, causing the device to reboot because of uncontrolled resource management. | ||||
| CVE-2018-5951 | 1 Mikrotik | 1 Routeros | 2024-11-21 | 7.5 High |
| An issue was discovered in Mikrotik RouterOS. Crafting a packet that has a size of 1 byte and sending it to an IPv6 address of a RouterOS box with IP Protocol 97 will cause RouterOS to reboot imminently. All versions of RouterOS that supports EoIPv6 are vulnerable to this attack. | ||||
| CVE-2018-1159 | 1 Mikrotik | 1 Routeros | 2024-11-21 | N/A |
| Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to a memory corruption vulnerability. An authenticated remote attacker can crash the HTTP server by rapidly authenticating and disconnecting. | ||||
| CVE-2018-1158 | 1 Mikrotik | 1 Routeros | 2024-11-21 | N/A |
| Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to a stack exhaustion vulnerability. An authenticated remote attacker can crash the HTTP server via recursive parsing of JSON. | ||||
| CVE-2018-1157 | 1 Mikrotik | 1 Routeros | 2024-11-21 | N/A |
| Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to a memory exhaustion vulnerability. An authenticated remote attacker can crash the HTTP server and in some circumstances reboot the system via a crafted HTTP POST request. | ||||
| CVE-2018-1156 | 1 Mikrotik | 1 Routeros | 2024-11-21 | N/A |
| Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to stack buffer overflow through the license upgrade interface. This vulnerability could theoretically allow a remote authenticated attacker execute arbitrary code on the system. | ||||
| CVE-2018-10070 | 1 Mikrotik | 2 Router, Router Firmware | 2024-11-21 | N/A |
| A vulnerability in MikroTik Version 6.41.4 could allow an unauthenticated remote attacker to exhaust all available CPU and all available RAM by sending a crafted FTP request on port 21 that begins with many '\0' characters, preventing the affected router from accepting new FTP connections. The router will reboot after 10 minutes, logging a "router was rebooted without proper shutdown" message. | ||||
| CVE-2018-10066 | 1 Mikrotik | 1 Routeros | 2024-11-21 | N/A |
| An issue was discovered in MikroTik RouterOS 6.41.4. Missing OpenVPN server certificate verification allows a remote unauthenticated attacker capable of intercepting client traffic to act as a malicious OpenVPN server. This may allow the attacker to gain access to the client's internal network (for example, at site-to-site tunnels). | ||||