Vulnerabilities > Mikrotik > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-04-10 | CVE-2019-3943 | Path Traversal vulnerability in Mikrotik Routeros MikroTik RouterOS versions Stable 6.43.12 and below, Long-term 6.42.12 and below, and Testing 6.44beta75 and below are vulnerable to an authenticated, remote directory traversal via the HTTP or Winbox interfaces. | 7.5 |
| 2018-04-16 | CVE-2018-10070 | Resource Exhaustion vulnerability in Mikrotik Router Firmware 6.41.4 A vulnerability in MikroTik Version 6.41.4 could allow an unauthenticated remote attacker to exhaust all available CPU and all available RAM by sending a crafted FTP request on port 21 that begins with many '\0' characters, preventing the affected router from accepting new FTP connections. | 7.8 |
| 2017-12-13 | CVE-2017-17538 | Unspecified vulnerability in Mikrotik Router Firmware 6.40.5 MikroTik v6.40.5 devices allow remote attackers to cause a denial of service via a flood of ICMP packets. | 7.8 |
| 2017-05-18 | CVE-2017-8338 | Resource Exhaustion vulnerability in Mikrotik Routeros 6.38.5 A vulnerability in MikroTik Version 6.38.5 could allow an unauthenticated remote attacker to exhaust all available CPU via a flood of UDP packets on port 500 (used for L2TP over IPsec), preventing the affected router from accepting new connections; all devices will be disconnected from the router and all logs removed automatically. | 7.8 |
| 2017-03-29 | CVE-2017-7285 | Resource Exhaustion vulnerability in Mikrotik Routeros 6.38.5 A vulnerability in the network stack of MikroTik Version 6.38.5 released 2017-03-09 could allow an unauthenticated remote attacker to exhaust all available CPU via a flood of TCP RST packets, preventing the affected router from accepting new TCP connections. | 7.8 |
| 2017-03-12 | CVE-2017-6444 | Resource Exhaustion vulnerability in Mikrotik Routeros 6.25 The MikroTik Router hAP Lite 6.25 has no protection mechanism for unsolicited TCP ACK packets in the case of a fast network connection, which allows remote attackers to cause a denial of service (CPU consumption) by sending many ACK packets. | 7.8 |