Vulnerabilities > Mikrotik > Routeros > 6.40.5

DATE CVE VULNERABILITY TITLE RISK
2023-09-07 CVE-2023-30800 Out-of-bounds Write vulnerability in Mikrotik Routeros
The web server used by MikroTik RouterOS version 6 is affected by a heap memory corruption issue.
network
low complexity
mikrotik CWE-787
7.5
7.5
2023-07-19 CVE-2023-30799 Unspecified vulnerability in Mikrotik Routeros
MikroTik RouterOS stable before 6.49.7 and long-term through 6.48.6 are vulnerable to a privilege escalation issue.
network
low complexity
mikrotik
7.2
7.2
2023-07-12 CVE-2020-20021 Resource Exhaustion vulnerability in Mikrotik Routeros
An issue discovered in MikroTik Router v6.46.3 and earlier allows attacker to cause denial of service via misconfiguration in the SSH daemon.
network
low complexity
mikrotik CWE-400
7.5
7.5
2023-03-27 CVE-2023-24094 Out-of-bounds Write vulnerability in Mikrotik Routeros 6.40.5
An issue in the bridge2 component of MikroTik RouterOS v6.40.5 allows attackers to cause a Denial of Service (DoS) via crafted packets.
network
low complexity
mikrotik CWE-787
7.5
7.5
2022-12-05 CVE-2022-45313 Out-of-bounds Read vulnerability in Mikrotik Routeros
Mikrotik RouterOs before stable v7.5 was discovered to contain an out-of-bounds read in the hotspot process.
network
low complexity
mikrotik CWE-125
8.8
8.8
2022-12-05 CVE-2022-45315 Out-of-bounds Read vulnerability in Mikrotik Routeros
Mikrotik RouterOs before stable v7.6 was discovered to contain an out-of-bounds read in the snmp process.
network
low complexity
mikrotik CWE-125
critical
 9.8
9.8
2022-08-26 CVE-2022-36522 Reachable Assertion vulnerability in Mikrotik Routeros
Mikrotik RouterOs through stable v6.48.3 was discovered to contain an assertion failure in the component /advanced-tools/nova/bin/netwatch.
network
low complexity
mikrotik CWE-617
6.5
6.5
2022-05-11 CVE-2021-36613 NULL Pointer Dereference vulnerability in Mikrotik Routeros
Mikrotik RouterOs before stable 6.48.2 suffers from a memory corruption vulnerability in the ptp process.
network
low complexity
mikrotik CWE-476
6.5
6.5
2022-05-11 CVE-2021-36614 NULL Pointer Dereference vulnerability in Mikrotik Routeros
Mikrotik RouterOs before stable 6.48.2 suffers from a memory corruption vulnerability in the tr069-client process.
network
low complexity
mikrotik CWE-476
6.5
6.5
2021-07-21 CVE-2020-20221 Resource Exhaustion vulnerability in Mikrotik Routeros
Mikrotik RouterOs before 6.44.6 (long-term tree) suffers from an uncontrolled resource consumption vulnerability in the /nova/bin/cerm process.
network
low complexity
mikrotik CWE-400
6.5
6.5