Vulnerabilities > Mikrotik > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-07 | CVE-2023-30800 | Out-of-bounds Write vulnerability in Mikrotik Routeros The web server used by MikroTik RouterOS version 6 is affected by a heap memory corruption issue. | 7.5 |
| 2023-07-19 | CVE-2023-30799 | Unspecified vulnerability in Mikrotik Routeros MikroTik RouterOS stable before 6.49.7 and long-term through 6.48.6 are vulnerable to a privilege escalation issue. | 7.2 |
| 2023-07-12 | CVE-2020-20021 | Resource Exhaustion vulnerability in Mikrotik Routeros An issue discovered in MikroTik Router v6.46.3 and earlier allows attacker to cause denial of service via misconfiguration in the SSH daemon. | 7.5 |
| 2023-03-27 | CVE-2023-24094 | Out-of-bounds Write vulnerability in Mikrotik Routeros 6.40.5 An issue in the bridge2 component of MikroTik RouterOS v6.40.5 allows attackers to cause a Denial of Service (DoS) via crafted packets. | 7.5 |
| 2022-12-05 | CVE-2022-45313 | Out-of-bounds Read vulnerability in Mikrotik Routeros Mikrotik RouterOs before stable v7.5 was discovered to contain an out-of-bounds read in the hotspot process. | 8.8 |
| 2022-03-16 | CVE-2021-41987 | Out-of-bounds Write vulnerability in Mikrotik Routeros 6.46.8/6.47.10/6.47.9 In the SCEP Server of RouterOS in certain Mikrotik products, an attacker can trigger a heap-based buffer overflow that leads to remote code execution. | 8.1 |
| 2022-02-28 | CVE-2020-22844 | Memory Leak vulnerability in Mikrotik Routeros 6.47 A buffer overflow in Mikrotik RouterOS 6.47 allows unauthenticated attackers to cause a denial of service (DOS) via crafted SMB requests. | 7.5 |
| 2022-02-28 | CVE-2020-22845 | Classic Buffer Overflow vulnerability in Mikrotik Routeros 6.47 A buffer overflow in Mikrotik RouterOS 6.47 allows unauthenticated attackers to cause a denial of service (DOS) via crafted FTP requests. | 7.5 |
| 2021-03-19 | CVE-2021-27221 | Unspecified vulnerability in Mikrotik Routeros 6.47.9 MikroTik RouterOS 6.47.9 allows remote authenticated ftp users to create or overwrite arbitrary .rsc files via the /export command. | 8.1 |
| 2020-10-07 | CVE-2019-16160 | Integer Underflow (Wrap or Wraparound) vulnerability in Mikrotik Routeros An integer underflow in the SMB server of MikroTik RouterOS before 6.45.5 allows remote unauthenticated attackers to crash the service. | 7.5 |