Vulnerabilities > Mikrotik
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-03 | CVE-2019-13074 | Allocation of Resources Without Limits or Throttling vulnerability in Mikrotik Routeros A vulnerability in the FTP daemon on MikroTik routers through 6.44.3 could allow remote attackers to exhaust all available memory, causing the device to reboot because of uncontrolled resource management. | 7.8 |
| 2019-04-10 | CVE-2019-3943 | Path Traversal vulnerability in Mikrotik Routeros MikroTik RouterOS versions Stable 6.43.12 and below, Long-term 6.42.12 and below, and Testing 6.44beta75 and below are vulnerable to an authenticated, remote directory traversal via the HTTP or Winbox interfaces. | 7.5 |
| 2019-02-20 | CVE-2019-3924 | Confused Deputy vulnerability in Mikrotik Routeros MikroTik RouterOS before 6.43.12 (stable) and 6.42.12 (long-term) is vulnerable to an intermediary vulnerability. | 5.0 |
| 2018-08-23 | CVE-2018-1159 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mikrotik Routeros Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to a memory corruption vulnerability. | 4.0 |
| 2018-08-23 | CVE-2018-1158 | Uncontrolled Recursion vulnerability in Mikrotik Routeros Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to a stack exhaustion vulnerability. | 4.0 |
| 2018-08-23 | CVE-2018-1157 | Resource Exhaustion vulnerability in Mikrotik Routeros Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to a memory exhaustion vulnerability. | 6.8 |
| 2018-08-23 | CVE-2018-1156 | Out-of-bounds Write vulnerability in Mikrotik Routeros Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to stack buffer overflow through the license upgrade interface. | 9.0 |
| 2018-08-02 | CVE-2018-14847 | Path Traversal vulnerability in Mikrotik Routeros MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers to write arbitrary files due to a directory traversal vulnerability in the WinBox interface. | 6.4 |
| 2018-04-16 | CVE-2018-10070 | Resource Exhaustion vulnerability in Mikrotik Router Firmware 6.41.4 A vulnerability in MikroTik Version 6.41.4 could allow an unauthenticated remote attacker to exhaust all available CPU and all available RAM by sending a crafted FTP request on port 21 that begins with many '\0' characters, preventing the affected router from accepting new FTP connections. | 7.8 |
| 2018-04-13 | CVE-2018-10066 | Improper Certificate Validation vulnerability in Mikrotik Routeros 6.41.4 An issue was discovered in MikroTik RouterOS 6.41.4. | 6.8 |