Vulnerabilities > Mikrotik > Routeros > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-07 | CVE-2023-30800 | Out-of-bounds Write vulnerability in Mikrotik Routeros The web server used by MikroTik RouterOS version 6 is affected by a heap memory corruption issue. | 7.5 |
| 2023-07-19 | CVE-2023-30799 | Unspecified vulnerability in Mikrotik Routeros MikroTik RouterOS stable before 6.49.7 and long-term through 6.48.6 are vulnerable to a privilege escalation issue. | 7.2 |
| 2023-07-12 | CVE-2020-20021 | Resource Exhaustion vulnerability in Mikrotik Routeros An issue discovered in MikroTik Router v6.46.3 and earlier allows attacker to cause denial of service via misconfiguration in the SSH daemon. | 7.5 |
| 2022-12-05 | CVE-2022-45313 | Out-of-bounds Read vulnerability in Mikrotik Routeros Mikrotik RouterOs before stable v7.5 was discovered to contain an out-of-bounds read in the hotspot process. | 8.8 |
| 2022-02-28 | CVE-2020-22845 | Classic Buffer Overflow vulnerability in Mikrotik Routeros 6.47 A buffer overflow in Mikrotik RouterOS 6.47 allows unauthenticated attackers to cause a denial of service (DOS) via crafted FTP requests. | 7.8 |
| 2021-03-19 | CVE-2021-27221 | Unspecified vulnerability in Mikrotik Routeros 6.47.9 MikroTik RouterOS 6.47.9 allows remote authenticated ftp users to create or overwrite arbitrary .rsc files via the /export command. | 8.1 |
| 2020-03-23 | CVE-2020-10364 | Resource Exhaustion vulnerability in Mikrotik Routeros The SSH daemon on MikroTik routers through v6.44.3 could allow remote attackers to generate CPU activity, trigger refusal of new authorized connections, and cause a reboot via connect and write system calls, because of uncontrolled resource management. | 7.8 |
| 2020-03-02 | CVE-2018-5951 | Unspecified vulnerability in Mikrotik Routeros An issue was discovered in Mikrotik RouterOS. network mikrotik | 7.1 |
| 2019-10-29 | CVE-2019-3977 | Download of Code Without Integrity Check vulnerability in Mikrotik Routeros RouterOS 6.45.6 Stable, RouterOS 6.44.5 Long-term, and below insufficiently validate where upgrade packages are download from when using the autoupgrade feature. | 8.5 |
| 2019-07-03 | CVE-2019-13074 | Allocation of Resources Without Limits or Throttling vulnerability in Mikrotik Routeros A vulnerability in the FTP daemon on MikroTik routers through 6.44.3 could allow remote attackers to exhaust all available memory, causing the device to reboot because of uncontrolled resource management. | 7.8 |