Vulnerabilities > Mikrotik > Routeros > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-14 | CVE-2023-41570 | Unspecified vulnerability in Mikrotik Routeros MikroTik RouterOS v7.1 to 7.11 was discovered to contain incorrect access control mechanisms in place for the Rest API. | 5.3 |
| 2022-05-11 | CVE-2021-36613 | NULL Pointer Dereference vulnerability in Mikrotik Routeros Mikrotik RouterOs before stable 6.48.2 suffers from a memory corruption vulnerability in the ptp process. | 6.5 |
| 2022-05-11 | CVE-2021-36614 | NULL Pointer Dereference vulnerability in Mikrotik Routeros Mikrotik RouterOs before stable 6.48.2 suffers from a memory corruption vulnerability in the tr069-client process. | 6.5 |
| 2022-03-16 | CVE-2021-41987 | Out-of-bounds Write vulnerability in Mikrotik Routeros 6.46.8/6.47.10/6.47.9 In the SCEP Server of RouterOS in certain Mikrotik products, an attacker can trigger a heap-based buffer overflow that leads to remote code execution. | 6.8 |
| 2022-02-28 | CVE-2020-22844 | Memory Leak vulnerability in Mikrotik Routeros 6.47 A buffer overflow in Mikrotik RouterOS 6.47 allows unauthenticated attackers to cause a denial of service (DOS) via crafted SMB requests. | 5.0 |
| 2021-07-21 | CVE-2020-20219 | Out-of-bounds Write vulnerability in Mikrotik Routeros 6.44.6 Mikrotik RouterOs 6.44.6 (long-term tree) suffers from a memory corruption vulnerability in the /nova/bin/igmp-proxy process. | 4.0 |
| 2021-07-21 | CVE-2020-20221 | Resource Exhaustion vulnerability in Mikrotik Routeros Mikrotik RouterOs before 6.44.6 (long-term tree) suffers from an uncontrolled resource consumption vulnerability in the /nova/bin/cerm process. | 6.5 |
| 2021-07-21 | CVE-2020-20262 | Reachable Assertion vulnerability in Mikrotik Routeros Mikrotik RouterOs before 6.47 (stable tree) suffers from an assertion failure vulnerability in the /ram/pckg/security/nova/bin/ipsec process. | 4.0 |
| 2021-07-19 | CVE-2020-20248 | Resource Exhaustion vulnerability in Mikrotik Routeros 6.47 Mikrotik RouterOs before stable 6.47 suffers from an uncontrolled resource consumption in the memtest process. | 6.5 |
| 2021-07-19 | CVE-2020-20249 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mikrotik Routeros Mikrotik RouterOs before stable 6.47 suffers from a memory corruption vulnerability in the resolver process. | 4.0 |