Vulnerabilities > Mikrotik > Routeros > 6.38.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-29 | CVE-2019-3977 | Download of Code Without Integrity Check vulnerability in Mikrotik Routeros RouterOS 6.45.6 Stable, RouterOS 6.44.5 Long-term, and below insufficiently validate where upgrade packages are download from when using the autoupgrade feature. | 8.5 |
| 2019-10-29 | CVE-2019-3976 | Path Traversal vulnerability in Mikrotik Routeros RouterOS 6.45.6 Stable, RouterOS 6.44.5 Long-term, and below are vulnerable to an arbitrary directory creation vulnerability via the upgrade package's name field. | 6.5 |
| 2019-08-26 | CVE-2019-15055 | Path Traversal vulnerability in Mikrotik Routeros MikroTik RouterOS through 6.44.5 and 6.45.x through 6.45.3 improperly handles the disk name, which allows authenticated users to delete arbitrary files. | 5.5 |
| 2019-07-26 | CVE-2019-13955 | Uncontrolled Recursion vulnerability in Mikrotik Routeros Mikrotik RouterOS before 6.44.5 (long-term release tree) is vulnerable to stack exhaustion. | 4.0 |
| 2019-07-26 | CVE-2019-13954 | Allocation of Resources Without Limits or Throttling vulnerability in Mikrotik Routeros Mikrotik RouterOS before 6.44.5 (long-term release tree) is vulnerable to memory exhaustion. | 6.8 |
| 2019-07-03 | CVE-2019-13074 | Allocation of Resources Without Limits or Throttling vulnerability in Mikrotik Routeros A vulnerability in the FTP daemon on MikroTik routers through 6.44.3 could allow remote attackers to exhaust all available memory, causing the device to reboot because of uncontrolled resource management. | 7.8 |
| 2019-04-10 | CVE-2019-3943 | Path Traversal vulnerability in Mikrotik Routeros MikroTik RouterOS versions Stable 6.43.12 and below, Long-term 6.42.12 and below, and Testing 6.44beta75 and below are vulnerable to an authenticated, remote directory traversal via the HTTP or Winbox interfaces. | 7.5 |
| 2019-02-20 | CVE-2019-3924 | Confused Deputy vulnerability in Mikrotik Routeros MikroTik RouterOS before 6.43.12 (stable) and 6.42.12 (long-term) is vulnerable to an intermediary vulnerability. | 5.0 |
| 2018-08-23 | CVE-2018-1159 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mikrotik Routeros Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to a memory corruption vulnerability. | 4.0 |
| 2018-08-23 | CVE-2018-1158 | Uncontrolled Recursion vulnerability in Mikrotik Routeros Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to a stack exhaustion vulnerability. | 4.0 |