Vulnerabilities > Mikrotik

DATE CVE VULNERABILITY TITLE RISK
2022-12-05 CVE-2022-45313 Out-of-bounds Read vulnerability in Mikrotik Routeros
Mikrotik RouterOs before stable v7.5 was discovered to contain an out-of-bounds read in the hotspot process.
network
low complexity
mikrotik CWE-125
critical
9.8
2022-12-05 CVE-2022-45315 Out-of-bounds Read vulnerability in Mikrotik Routeros
Mikrotik RouterOs before stable v7.6 was discovered to contain an out-of-bounds read in the snmp process.
network
low complexity
mikrotik CWE-125
critical
9.8
2022-10-15 CVE-2017-20149 Out-of-bounds Write vulnerability in Mikrotik Routeros
The Mikrotik RouterOS web server allows memory corruption in releases before Stable 6.38.5 and Long-term 6.37.5, aka Chimay-Red.
network
low complexity
mikrotik CWE-787
critical
9.8
2022-05-11 CVE-2021-36613 NULL Pointer Dereference vulnerability in Mikrotik Routeros
Mikrotik RouterOs before stable 6.48.2 suffers from a memory corruption vulnerability in the ptp process.
network
low complexity
mikrotik CWE-476
6.5
2022-05-11 CVE-2021-36614 NULL Pointer Dereference vulnerability in Mikrotik Routeros
Mikrotik RouterOs before stable 6.48.2 suffers from a memory corruption vulnerability in the tr069-client process.
network
low complexity
mikrotik CWE-476
6.5
2022-03-16 CVE-2021-41987 Out-of-bounds Write vulnerability in Mikrotik Routeros 6.46.8/6.47.10/6.47.9
In the SCEP Server of RouterOS in certain Mikrotik products, an attacker can trigger a heap-based buffer overflow that leads to remote code execution.
network
mikrotik CWE-787
6.8
2022-02-28 CVE-2020-22844 Memory Leak vulnerability in Mikrotik Routeros 6.47
A buffer overflow in Mikrotik RouterOS 6.47 allows unauthenticated attackers to cause a denial of service (DOS) via crafted SMB requests.
network
low complexity
mikrotik CWE-401
5.0
2022-02-28 CVE-2020-22845 Classic Buffer Overflow vulnerability in Mikrotik Routeros 6.47
A buffer overflow in Mikrotik RouterOS 6.47 allows unauthenticated attackers to cause a denial of service (DOS) via crafted FTP requests.
network
low complexity
mikrotik CWE-120
7.8
2021-07-21 CVE-2020-20219 Out-of-bounds Write vulnerability in Mikrotik Routeros 6.44.6
Mikrotik RouterOs 6.44.6 (long-term tree) suffers from a memory corruption vulnerability in the /nova/bin/igmp-proxy process.
network
low complexity
mikrotik CWE-787
4.0
2021-07-21 CVE-2020-20221 Resource Exhaustion vulnerability in Mikrotik Routeros
Mikrotik RouterOs before 6.44.6 (long-term tree) suffers from an uncontrolled resource consumption vulnerability in the /nova/bin/cerm process.
network
low complexity
mikrotik CWE-400
6.5