Vulnerabilities > Mikrotik

DATE CVE VULNERABILITY TITLE RISK
2023-11-14 CVE-2023-41570 Unspecified vulnerability in Mikrotik Routeros
MikroTik RouterOS v7.1 to 7.11 was discovered to contain incorrect access control mechanisms in place for the Rest API.
network
high complexity
mikrotik
5.3
2023-09-07 CVE-2023-30800 Out-of-bounds Write vulnerability in Mikrotik Routeros
The web server used by MikroTik RouterOS version 6 is affected by a heap memory corruption issue.
network
low complexity
mikrotik CWE-787
7.5
2023-07-19 CVE-2023-30799 Unspecified vulnerability in Mikrotik Routeros
MikroTik RouterOS stable before 6.49.7 and long-term through 6.48.6 are vulnerable to a privilege escalation issue.
network
low complexity
mikrotik
7.2
2023-07-12 CVE-2020-20021 Resource Exhaustion vulnerability in Mikrotik Routeros
An issue discovered in MikroTik Router v6.46.3 and earlier allows attacker to cause denial of service via misconfiguration in the SSH daemon.
network
low complexity
mikrotik CWE-400
7.5
2022-12-05 CVE-2022-45313 Out-of-bounds Read vulnerability in Mikrotik Routeros
Mikrotik RouterOs before stable v7.5 was discovered to contain an out-of-bounds read in the hotspot process.
network
low complexity
mikrotik CWE-125
8.8
2022-12-05 CVE-2022-45315 Out-of-bounds Read vulnerability in Mikrotik Routeros
Mikrotik RouterOs before stable v7.6 was discovered to contain an out-of-bounds read in the snmp process.
network
low complexity
mikrotik CWE-125
critical
9.8
2022-10-15 CVE-2017-20149 Out-of-bounds Write vulnerability in Mikrotik Routeros
The Mikrotik RouterOS web server allows memory corruption in releases before Stable 6.38.5 and Long-term 6.37.5, aka Chimay-Red.
network
low complexity
mikrotik CWE-787
critical
9.8
2022-05-11 CVE-2021-36613 NULL Pointer Dereference vulnerability in Mikrotik Routeros
Mikrotik RouterOs before stable 6.48.2 suffers from a memory corruption vulnerability in the ptp process.
network
low complexity
mikrotik CWE-476
6.5
2022-05-11 CVE-2021-36614 NULL Pointer Dereference vulnerability in Mikrotik Routeros
Mikrotik RouterOs before stable 6.48.2 suffers from a memory corruption vulnerability in the tr069-client process.
network
low complexity
mikrotik CWE-476
6.5
2022-03-16 CVE-2021-41987 Out-of-bounds Write vulnerability in Mikrotik Routeros 6.46.8/6.47.10/6.47.9
In the SCEP Server of RouterOS in certain Mikrotik products, an attacker can trigger a heap-based buffer overflow that leads to remote code execution.
network
mikrotik CWE-787
6.8