Vulnerabilities > Mikrotik

DATE CVE VULNERABILITY TITLE RISK
2023-11-14 CVE-2023-41570 Unspecified vulnerability in Mikrotik Routeros
MikroTik RouterOS v7.1 to 7.11 was discovered to contain incorrect access control mechanisms in place for the Rest API.
network
high complexity
mikrotik
5.3
2023-09-07 CVE-2023-30800 Out-of-bounds Write vulnerability in Mikrotik Routeros
The web server used by MikroTik RouterOS version 6 is affected by a heap memory corruption issue.
network
low complexity
mikrotik CWE-787
7.5
2023-07-19 CVE-2023-30799 Unspecified vulnerability in Mikrotik Routeros
MikroTik RouterOS stable before 6.49.7 and long-term through 6.48.6 are vulnerable to a privilege escalation issue.
network
low complexity
mikrotik
7.2
2023-07-12 CVE-2020-20021 Resource Exhaustion vulnerability in Mikrotik Routeros
An issue discovered in MikroTik Router v6.46.3 and earlier allows attacker to cause denial of service via misconfiguration in the SSH daemon.
network
low complexity
mikrotik CWE-400
7.5
2023-03-27 CVE-2023-24094 Out-of-bounds Write vulnerability in Mikrotik Routeros 6.40.5
An issue in the bridge2 component of MikroTik RouterOS v6.40.5 allows attackers to cause a Denial of Service (DoS) via crafted packets.
network
low complexity
mikrotik CWE-787
7.5
2022-12-05 CVE-2022-45313 Out-of-bounds Read vulnerability in Mikrotik Routeros
Mikrotik RouterOs before stable v7.5 was discovered to contain an out-of-bounds read in the hotspot process.
network
low complexity
mikrotik CWE-125
8.8
2022-12-05 CVE-2022-45315 Out-of-bounds Read vulnerability in Mikrotik Routeros
Mikrotik RouterOs before stable v7.6 was discovered to contain an out-of-bounds read in the snmp process.
network
low complexity
mikrotik CWE-125
critical
9.8
2022-10-15 CVE-2017-20149 Out-of-bounds Write vulnerability in Mikrotik Routeros
The Mikrotik RouterOS web server allows memory corruption in releases before Stable 6.38.5 and Long-term 6.37.5, aka Chimay-Red.
network
low complexity
mikrotik CWE-787
critical
9.8
2022-08-26 CVE-2022-36522 Reachable Assertion vulnerability in Mikrotik Routeros
Mikrotik RouterOs through stable v6.48.3 was discovered to contain an assertion failure in the component /advanced-tools/nova/bin/netwatch.
network
low complexity
mikrotik CWE-617
6.5
2022-08-25 CVE-2022-34960 Link Following vulnerability in Mikrotik Routeros 7.4
The container package in MikroTik RouterOS 7.4beta4 allows an attacker to create mount points pointing to symbolic links, which resolve to locations on the host device.
network
low complexity
mikrotik CWE-59
critical
9.8