Vulnerabilities > Mikrotik > Routeros > 6.10
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-18 | CVE-2020-20253 | Divide By Zero vulnerability in Mikrotik Routeros Mikrotik RouterOs before 6.47 (stable tree) suffers from a divison by zero vulnerability in the /nova/bin/lcdstat process. | 6.5 |
| 2021-05-18 | CVE-2020-20254 | Out-of-bounds Write vulnerability in Mikrotik Routeros Mikrotik RouterOs before 6.47 (stable tree) suffers from a memory corruption vulnerability in the /nova/bin/lcdstat process. | 6.5 |
| 2021-05-11 | CVE-2020-20265 | Out-of-bounds Write vulnerability in Mikrotik Routeros Mikrotik RouterOs before 6.47 (stable tree) suffers from a memory corruption vulnerability in the /ram/pckg/wireless/nova/bin/wireless process. | 6.5 |
| 2021-05-11 | CVE-2020-20267 | Out-of-bounds Write vulnerability in Mikrotik Routeros Mikrotik RouterOs before 6.47 (stable tree) suffers from a memory corruption vulnerability in the /nova/bin/resolver process. | 6.5 |
| 2021-05-03 | CVE-2020-20247 | Out-of-bounds Write vulnerability in Mikrotik Routeros Mikrotik RouterOs before 6.46.5 (stable tree) suffers from a memory corruption vulnerability in the /nova/bin/traceroute process. | 6.5 |
| 2021-01-04 | CVE-2021-3014 | Cross-site Scripting vulnerability in Mikrotik Routeros In MikroTik RouterOS through 2021-01-04, the hotspot login page is vulnerable to reflected XSS via the target parameter. | 6.1 |
| 2020-10-07 | CVE-2019-16160 | Integer Underflow (Wrap or Wraparound) vulnerability in Mikrotik Routeros An integer underflow in the SMB server of MikroTik RouterOS before 6.45.5 allows remote unauthenticated attackers to crash the service. | 7.5 |
| 2020-03-23 | CVE-2020-10364 | Allocation of Resources Without Limits or Throttling vulnerability in Mikrotik Routeros The SSH daemon on MikroTik routers through v6.44.3 could allow remote attackers to generate CPU activity, trigger refusal of new authorized connections, and cause a reboot via connect and write system calls, because of uncontrolled resource management. | 7.5 |
| 2020-01-14 | CVE-2019-3981 | Unspecified vulnerability in Mikrotik Routeros and Winbox MikroTik Winbox 3.20 and below is vulnerable to man in the middle attacks. | 3.7 |
| 2019-10-29 | CVE-2019-3979 | Insufficient Verification of Data Authenticity vulnerability in Mikrotik Routeros RouterOS versions 6.45.6 Stable, 6.44.5 Long-term, and below are vulnerable to a DNS unrelated data attack. | 7.5 |