Vulnerabilities > Mikrotik > Routeros > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-08-23 | CVE-2018-1156 | Out-of-bounds Write vulnerability in Mikrotik Routeros Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to stack buffer overflow through the license upgrade interface. | 8.8 |
| 2018-04-13 | CVE-2018-10066 | Improper Certificate Validation vulnerability in Mikrotik Routeros 6.41.4 An issue was discovered in MikroTik RouterOS 6.41.4. | 8.1 |
| 2017-05-18 | CVE-2017-8338 | Resource Exhaustion vulnerability in Mikrotik Routeros 6.38.5 A vulnerability in MikroTik Version 6.38.5 could allow an unauthenticated remote attacker to exhaust all available CPU via a flood of UDP packets on port 500 (used for L2TP over IPsec), preventing the affected router from accepting new connections; all devices will be disconnected from the router and all logs removed automatically. | 7.5 |
| 2017-03-29 | CVE-2017-7285 | Resource Exhaustion vulnerability in Mikrotik Routeros 6.38.5 A vulnerability in the network stack of MikroTik Version 6.38.5 released 2017-03-09 could allow an unauthenticated remote attacker to exhaust all available CPU via a flood of TCP RST packets, preventing the affected router from accepting new TCP connections. | 7.5 |
| 2017-03-12 | CVE-2017-6444 | Resource Exhaustion vulnerability in Mikrotik Routeros 6.25 The MikroTik Router hAP Lite 6.25 has no protection mechanism for unsolicited TCP ACK packets in the case of a fast network connection, which allows remote attackers to cause a denial of service (CPU consumption) by sending many ACK packets. | 7.5 |