Vulnerabilities > Mikrotik > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-18 | CVE-2020-20253 | Divide By Zero vulnerability in Mikrotik Routeros Mikrotik RouterOs before 6.47 (stable tree) suffers from a divison by zero vulnerability in the /nova/bin/lcdstat process. | 6.5 |
| 2021-05-18 | CVE-2020-20254 | Out-of-bounds Write vulnerability in Mikrotik Routeros Mikrotik RouterOs before 6.47 (stable tree) suffers from a memory corruption vulnerability in the /nova/bin/lcdstat process. | 6.5 |
| 2021-05-11 | CVE-2020-20265 | Out-of-bounds Write vulnerability in Mikrotik Routeros Mikrotik RouterOs before 6.47 (stable tree) suffers from a memory corruption vulnerability in the /ram/pckg/wireless/nova/bin/wireless process. | 6.5 |
| 2021-05-11 | CVE-2020-20267 | Out-of-bounds Write vulnerability in Mikrotik Routeros Mikrotik RouterOs before 6.47 (stable tree) suffers from a memory corruption vulnerability in the /nova/bin/resolver process. | 6.5 |
| 2021-05-03 | CVE-2020-20218 | Out-of-bounds Write vulnerability in Mikrotik Routeros 6.44.6 Mikrotik RouterOs 6.44.6 (long-term tree) suffers from a memory corruption vulnerability in the /nova/bin/traceroute process. | 6.5 |
| 2021-05-03 | CVE-2020-20247 | Out-of-bounds Write vulnerability in Mikrotik Routeros Mikrotik RouterOs before 6.46.5 (stable tree) suffers from a memory corruption vulnerability in the /nova/bin/traceroute process. | 6.5 |
| 2021-01-04 | CVE-2021-3014 | Cross-site Scripting vulnerability in Mikrotik Routeros In MikroTik RouterOS through 2021-01-04, the hotspot login page is vulnerable to reflected XSS via the target parameter. | 6.1 |
| 2020-04-15 | CVE-2020-5721 | Insufficiently Protected Credentials vulnerability in Mikrotik Winbox MikroTik WinBox 3.22 and below stores the user's cleartext password in the settings.cfg.viw configuration file when the Keep Password field is set and no Master Password is set. | 5.5 |
| 2020-02-06 | CVE-2020-5720 | Path Traversal vulnerability in Mikrotik Winbox 3.18/3.20 MikroTik WinBox before 3.21 is vulnerable to a path traversal vulnerability that allows creation of arbitrary files wherevere WinBox has write permissions. | 5.9 |
| 2019-08-26 | CVE-2019-15055 | Path Traversal vulnerability in Mikrotik Routeros MikroTik RouterOS through 6.44.5 and 6.45.x through 6.45.3 improperly handles the disk name, which allows authenticated users to delete arbitrary files. | 6.5 |