Vulnerabilities > Mikrotik > Routeros > 6.37.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-05-18 | CVE-2020-20254 | NULL Pointer Dereference vulnerability in Mikrotik Routeros Mikrotik RouterOs before 6.47 (stable tree) suffers from a memory corruption vulnerability in the /nova/bin/lcdstat process. | 4.0 |
2021-05-11 | CVE-2020-20265 | Reachable Assertion vulnerability in Mikrotik Routeros Mikrotik RouterOs before 6.47 (stable tree) suffers from a memory corruption vulnerability in the /ram/pckg/wireless/nova/bin/wireless process. | 4.0 |
2021-05-11 | CVE-2020-20267 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mikrotik Routeros Mikrotik RouterOs before 6.47 (stable tree) suffers from a memory corruption vulnerability in the /nova/bin/resolver process. | 4.0 |
2021-05-03 | CVE-2020-20247 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mikrotik Routeros Mikrotik RouterOs before 6.46.5 (stable tree) suffers from a memory corruption vulnerability in the /nova/bin/traceroute process. | 4.0 |
2021-01-04 | CVE-2021-3014 | Cross-site Scripting vulnerability in Mikrotik Routeros In MikroTik RouterOS through 2021-01-04, the hotspot login page is vulnerable to reflected XSS via the target parameter. | 4.3 |
2020-10-07 | CVE-2019-16160 | Integer Overflow or Wraparound vulnerability in Mikrotik Routeros An integer underflow in the SMB server of MikroTik RouterOS before 6.45.5 allows remote unauthenticated attackers to crash the service. | 5.0 |
2020-03-23 | CVE-2020-10364 | Resource Exhaustion vulnerability in Mikrotik Routeros The SSH daemon on MikroTik routers through v6.44.3 could allow remote attackers to generate CPU activity, trigger refusal of new authorized connections, and cause a reboot via connect and write system calls, because of uncontrolled resource management. | 7.8 |
2020-01-14 | CVE-2019-3981 | Unspecified vulnerability in Mikrotik Routeros and Winbox MikroTik Winbox 3.20 and below is vulnerable to man in the middle attacks. network mikrotik | 4.3 |
2019-10-29 | CVE-2019-3979 | Improper Input Validation vulnerability in Mikrotik Routeros RouterOS versions 6.45.6 Stable, 6.44.5 Long-term, and below are vulnerable to a DNS unrelated data attack. | 5.0 |
2019-10-29 | CVE-2019-3978 | Missing Authentication for Critical Function vulnerability in Mikrotik Routeros RouterOS versions 6.45.6 Stable, 6.44.5 Long-term, and below allow remote unauthenticated attackers to trigger DNS queries via port 8291. | 5.0 |