Summary
| Detail | |||
|---|---|---|---|
| Vendor | Mikrotik | First view | 2018-03-19 |
| Product | Routeros | Last view | 2023-11-14 |
| Version | 6.35 | Type | Os |
| Update | rc45 | ||
| Edition | ~~testing~~~ | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:o:mikrotik:routeros | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 5.3 | 2023-11-14 | CVE-2023-41570 | MikroTik RouterOS v7.1 to 7.11 was discovered to contain incorrect access control mechanisms in place for the Rest API. |
| 7.5 | 2023-09-07 | CVE-2023-30800 | The web server used by MikroTik RouterOS version 6 is affected by a heap memory corruption issue. A remote and unauthenticated attacker can corrupt the server's heap memory by sending a crafted HTTP request. As a result, the web interface crashes and is immediately restarted. The issue was fixed in RouterOS 6.49.10 stable. RouterOS version 7 is not affected. |
| 7.2 | 2023-07-19 | CVE-2023-30799 | MikroTik RouterOS stable before 6.49.7 and long-term through 6.48.6 are vulnerable to a privilege escalation issue. A remote and authenticated attacker can escalate privileges from admin to super-admin on the Winbox or HTTP interface. The attacker can abuse this vulnerability to execute arbitrary code on the system. |
| 7.5 | 2023-07-12 | CVE-2020-20021 | An issue discovered in MikroTik Router v6.46.3 and earlier allows attacker to cause denial of service via misconfiguration in the SSH daemon. |
| 9.8 | 2022-12-05 | CVE-2022-45315 | Mikrotik RouterOs before stable v7.6 was discovered to contain an out-of-bounds read in the snmp process. This vulnerability allows attackers to execute arbitrary code via a crafted packet. |
| 8.8 | 2022-12-05 | CVE-2022-45313 | Mikrotik RouterOs before stable v7.5 was discovered to contain an out-of-bounds read in the hotspot process. This vulnerability allows attackers to execute arbitrary code via a crafted nova message. |
| 9.8 | 2022-10-15 | CVE-2017-20149 | The Mikrotik RouterOS web server allows memory corruption in releases before Stable 6.38.5 and Long-term 6.37.5, aka Chimay-Red. A remote and unauthenticated user can trigger the vulnerability by sending a crafted HTTP request. An attacker can use this vulnerability to execute arbitrary code on the affected system, as exploited in the wild in mid-2017 and later. |
| 6.5 | 2022-08-26 | CVE-2022-36522 | Mikrotik RouterOs through stable v6.48.3 was discovered to contain an assertion failure in the component /advanced-tools/nova/bin/netwatch. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted packet. |
| 6.5 | 2022-05-11 | CVE-2021-36614 | Mikrotik RouterOs before stable 6.48.2 suffers from a memory corruption vulnerability in the tr069-client process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference). |
| 6.5 | 2022-05-11 | CVE-2021-36613 | Mikrotik RouterOs before stable 6.48.2 suffers from a memory corruption vulnerability in the ptp process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference). |
| 6.5 | 2021-07-21 | CVE-2020-20262 | Mikrotik RouterOs before 6.47 (stable tree) suffers from an assertion failure vulnerability in the /ram/pckg/security/nova/bin/ipsec process. An authenticated remote attacker can cause a Denial of Service due to an assertion failure via a crafted packet. |
| 6.5 | 2021-07-21 | CVE-2020-20221 | Mikrotik RouterOs before 6.44.6 (long-term tree) suffers from an uncontrolled resource consumption vulnerability in the /nova/bin/cerm process. An authenticated remote attacker can cause a Denial of Service due to overloading the systems CPU. |
| 6.5 | 2021-07-19 | CVE-2020-20249 | Mikrotik RouterOs before stable 6.47 suffers from a memory corruption vulnerability in the resolver process. By sending a crafted packet, an authenticated remote attacker can cause a Denial of Service. |
| 6.5 | 2021-07-19 | CVE-2020-20230 | Mikrotik RouterOs before stable 6.47 suffers from an uncontrolled resource consumption in the sshd process. An authenticated remote attacker can cause a Denial of Service due to overloading the systems CPU. |
| 6.5 | 2021-07-14 | CVE-2020-20231 | Mikrotik RouterOs through stable version 6.48.3 suffers from a memory corruption vulnerability in the /nova/bin/detnet process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference). |
| 6.5 | 2021-07-13 | CVE-2020-20252 | Mikrotik RouterOs before stable version 6.47 suffers from a memory corruption vulnerability in the /nova/bin/lcdstat process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference). |
| 6.5 | 2021-07-13 | CVE-2020-20250 | Mikrotik RouterOs before stable version 6.47 suffers from a memory corruption vulnerability in the /nova/bin/lcdstat process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference). NOTE: this is different from CVE-2020-20253 and CVE-2020-20254. All four vulnerabilities in the /nova/bin/lcdstat process are discussed in the CVE-2020-20250 github.com/cq674350529 reference. |
| 6.5 | 2021-07-08 | CVE-2020-20217 | Mikrotik RouterOs before 6.47 (stable tree) suffers from an uncontrolled resource consumption vulnerability in the /nova/bin/route process. An authenticated remote attacker can cause a Denial of Service due to overloading the systems CPU. |
| 6.5 | 2021-07-07 | CVE-2020-20225 | Mikrotik RouterOs before 6.47 (stable tree) suffers from an assertion failure vulnerability in the /nova/bin/user process. An authenticated remote attacker can cause a Denial of Service due to an assertion failure via a crafted packet. |
| 6.5 | 2021-05-19 | CVE-2020-20266 | Mikrotik RouterOs before 6.47 (stable tree) suffers from a memory corruption vulnerability in the /nova/bin/dot1x process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference). |
| 6.5 | 2021-05-19 | CVE-2020-20264 | Mikrotik RouterOs before 6.47 (stable tree) in the /ram/pckg/advanced-tools/nova/bin/netwatch process. An authenticated remote attacker can cause a Denial of Service due to a divide by zero error. |
| 6.5 | 2021-05-18 | CVE-2020-20254 | Mikrotik RouterOs before 6.47 (stable tree) suffers from a memory corruption vulnerability in the /nova/bin/lcdstat process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference). |
| 6.5 | 2021-05-18 | CVE-2020-20253 | Mikrotik RouterOs before 6.47 (stable tree) suffers from a divison by zero vulnerability in the /nova/bin/lcdstat process. An authenticated remote attacker can cause a Denial of Service due to a divide by zero error. |
| 6.5 | 2021-05-18 | CVE-2020-20220 | Mikrotik RouterOs prior to stable 6.47 suffers from a memory corruption vulnerability in the /nova/bin/bfd process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference). |
| 6.5 | 2021-05-11 | CVE-2020-20267 | Mikrotik RouterOs before 6.47 (stable tree) suffers from a memory corruption vulnerability in the /nova/bin/resolver process. An authenticated remote attacker can cause a Denial of Service due to invalid memory access. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 24% (12) | CWE-787 | Out-of-bounds Write |
| 12% (6) | CWE-476 | NULL Pointer Dereference |
| 10% (5) | CWE-400 | Uncontrolled Resource Consumption ('Resource Exhaustion') |
| 8% (4) | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path ... |
| 6% (3) | CWE-770 | Allocation of Resources Without Limits or Throttling |
| 6% (3) | CWE-617 | Reachable Assertion |
| 6% (3) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 4% (2) | CWE-674 | Uncontrolled Recursion |
| 4% (2) | CWE-369 | Divide By Zero |
| 4% (2) | CWE-125 | Out-of-bounds Read |
| 2% (1) | CWE-494 | Download of Code Without Integrity Check |
| 2% (1) | CWE-441 | Unintended Proxy/Intermediary |
| 2% (1) | CWE-345 | Insufficient Verification of Data Authenticity |
| 2% (1) | CWE-306 | Missing Authentication for Critical Function |
| 2% (1) | CWE-191 | Integer Underflow (Wrap or Wraparound) |
| 2% (1) | CWE-129 | Improper Validation of Array Index |
| 2% (1) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
SAINT Exploits
| Description | Link |
|---|---|
| MicroTik RouterOS SMB buffer overflow | More info here |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2020-12-05 | Mikrotik RouterOS directory traversal attempt RuleID : 47684 - Type : SERVER-OTHER - Revision : 1 |
| 2018-09-18 | MikroTik RouterOS Winbox user.dat file read attempt RuleID : 47570 - Type : SERVER-OTHER - Revision : 2 |
| 2018-05-23 | MikroTik RouterOS buffer overflow attempt RuleID : 46076-community - Type : NETBIOS - Revision : 2 |
| 2018-04-27 | MikroTik RouterOS buffer overflow attempt RuleID : 46076 - Type : NETBIOS - Revision : 2 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2018-09-06 | Name: The remote networking device is affected by an unauthenticated arbitrary file... File: mikrotik_cve_2018-14847.nasl - Type: ACT_ATTACK |
| 2018-08-24 | Name: The remote networking device is affected by multiple vulnerabilities. File: mikrotik_aug_2018.nasl - Type: ACT_GATHER_INFO |
| 2018-03-22 | Name: The remote networking device is affected by a buffer overflow vulnerability. File: mikrotik_6_41_3.nasl - Type: ACT_GATHER_INFO |
