Filtered by vendor Mikrotik
Subscriptions
Total
84 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-1156 | 1 Mikrotik | 1 Routeros | 2024-11-21 | N/A |
| Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to stack buffer overflow through the license upgrade interface. This vulnerability could theoretically allow a remote authenticated attacker execute arbitrary code on the system. | ||||
| CVE-2018-10070 | 1 Mikrotik | 2 Router, Router Firmware | 2024-11-21 | N/A |
| A vulnerability in MikroTik Version 6.41.4 could allow an unauthenticated remote attacker to exhaust all available CPU and all available RAM by sending a crafted FTP request on port 21 that begins with many '\0' characters, preventing the affected router from accepting new FTP connections. The router will reboot after 10 minutes, logging a "router was rebooted without proper shutdown" message. | ||||
| CVE-2018-10066 | 1 Mikrotik | 1 Routeros | 2024-11-21 | N/A |
| An issue was discovered in MikroTik RouterOS 6.41.4. Missing OpenVPN server certificate verification allows a remote unauthenticated attacker capable of intercepting client traffic to act as a malicious OpenVPN server. This may allow the attacker to gain access to the client's internal network (for example, at site-to-site tunnels). | ||||
| CVE-2017-20149 | 1 Mikrotik | 1 Routeros | 2024-11-21 | 9.8 Critical |
| The Mikrotik RouterOS web server allows memory corruption in releases before Stable 6.38.5 and Long-term 6.37.5, aka Chimay-Red. A remote and unauthenticated user can trigger the vulnerability by sending a crafted HTTP request. An attacker can use this vulnerability to execute arbitrary code on the affected system, as exploited in the wild in mid-2017 and later. | ||||