Vulnerability Details CVE-2017-6444
The MikroTik Router hAP Lite 6.25 has no protection mechanism for unsolicited TCP ACK packets in the case of a fast network connection, which allows remote attackers to cause a denial of service (CPU consumption) by sending many ACK packets. After the attacker stops the exploit, the CPU usage is 100% and the router requires a reboot for normal operation.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.199
EPSS Ranking 95.2%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 7.8
References
- http://www.exploitalert.com/view-details.html?id=26137
- https://cxsecurity.com/issue/WLB-2017030029
- https://packetstormsecurity.com/files/141449/Mikrotik-Hap-Lite-6.25-Denial-Of-Service.html
- https://www.exploit-db.com/exploits/41601/
- http://www.exploitalert.com/view-details.html?id=26137
- https://cxsecurity.com/issue/WLB-2017030029
- https://packetstormsecurity.com/files/141449/Mikrotik-Hap-Lite-6.25-Denial-Of-Service.html
- https://www.exploit-db.com/exploits/41601/
Products affected by CVE-2017-6444
-
cpe:2.3:h:mikrotik:router_hap_lite:-
-
cpe:2.3:o:mikrotik:routeros:6.25