Mikrotik: >> Routeros >> 6.47 Security Vulnerabilities
A buffer overflow in Mikrotik RouterOS 6.47 allows unauthenticated attackers to cause a denial of service (DOS) via crafted FTP requests.
CVSS Score
7.5
EPSS Score
0.012
Published
2022-02-28
Mikrotik RouterOs before stable 6.47 suffers from an uncontrolled resource consumption in the memtest process. An authenticated remote attacker can cause a Denial of Service due to overloading the systems CPU.
CVSS Score
6.5
EPSS Score
0.009
Published
2021-07-19
Mikrotik RouterOs through stable version 6.48.3 suffers from a memory corruption vulnerability in the /nova/bin/detnet process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference).
CVSS Score
6.5
EPSS Score
0.01
Published
2021-07-14
Mikrotik RouterOs stable 6.47 suffers from a memory corruption vulnerability in the /nova/bin/diskd process. An authenticated remote attacker can cause a Denial of Service due to invalid memory access.
CVSS Score
6.5
EPSS Score
0.011
Published
2021-05-18
In MikroTik RouterOS through 2021-01-04, the hotspot login page is vulnerable to reflected XSS via the target parameter.
CVSS Score
6.1
EPSS Score
0.006
Published
2021-01-04
An issue was discovered in Mikrotik RouterOS. Crafting a packet that has a size of 1 byte and sending it to an IPv6 address of a RouterOS box with IP Protocol 97 will cause RouterOS to reboot imminently. All versions of RouterOS that supports EoIPv6 are vulnerable to this attack.
CVSS Score
7.5
EPSS Score
0.155
Published
2020-03-02
Page 2