Vulnerabilities > Mikrotik

DATE CVE VULNERABILITY TITLE RISK
2021-05-18 CVE-2020-20237 Out-of-bounds Write vulnerability in Mikrotik Routeros 6.46.3
Mikrotik RouterOs 6.46.3 (stable tree) suffers from a memory corruption vulnerability in the /nova/bin/sniffer process.
network
low complexity
mikrotik CWE-787
6.5
2021-05-18 CVE-2020-20253 Divide By Zero vulnerability in Mikrotik Routeros
Mikrotik RouterOs before 6.47 (stable tree) suffers from a divison by zero vulnerability in the /nova/bin/lcdstat process.
network
low complexity
mikrotik CWE-369
6.5
2021-05-18 CVE-2020-20254 Out-of-bounds Write vulnerability in Mikrotik Routeros
Mikrotik RouterOs before 6.47 (stable tree) suffers from a memory corruption vulnerability in the /nova/bin/lcdstat process.
network
low complexity
mikrotik CWE-787
6.5
2021-05-11 CVE-2020-20265 Out-of-bounds Write vulnerability in Mikrotik Routeros
Mikrotik RouterOs before 6.47 (stable tree) suffers from a memory corruption vulnerability in the /ram/pckg/wireless/nova/bin/wireless process.
network
low complexity
mikrotik CWE-787
6.5
2021-05-11 CVE-2020-20267 Out-of-bounds Write vulnerability in Mikrotik Routeros
Mikrotik RouterOs before 6.47 (stable tree) suffers from a memory corruption vulnerability in the /nova/bin/resolver process.
network
low complexity
mikrotik CWE-787
6.5
2021-05-03 CVE-2020-20218 Out-of-bounds Write vulnerability in Mikrotik Routeros 6.44.6
Mikrotik RouterOs 6.44.6 (long-term tree) suffers from a memory corruption vulnerability in the /nova/bin/traceroute process.
network
low complexity
mikrotik CWE-787
6.5
2021-05-03 CVE-2020-20247 Out-of-bounds Write vulnerability in Mikrotik Routeros
Mikrotik RouterOs before 6.46.5 (stable tree) suffers from a memory corruption vulnerability in the /nova/bin/traceroute process.
network
low complexity
mikrotik CWE-787
6.5
2021-03-19 CVE-2021-27221 Unspecified vulnerability in Mikrotik Routeros 6.47.9
MikroTik RouterOS 6.47.9 allows remote authenticated ftp users to create or overwrite arbitrary .rsc files via the /export command.
network
low complexity
mikrotik
8.1
2021-01-04 CVE-2021-3014 Cross-site Scripting vulnerability in Mikrotik Routeros
In MikroTik RouterOS through 2021-01-04, the hotspot login page is vulnerable to reflected XSS via the target parameter.
network
low complexity
mikrotik CWE-79
6.1
2020-10-07 CVE-2019-16160 Integer Underflow (Wrap or Wraparound) vulnerability in Mikrotik Routeros
An integer underflow in the SMB server of MikroTik RouterOS before 6.45.5 allows remote unauthenticated attackers to crash the service.
network
low complexity
mikrotik CWE-191
7.5