Mikrotik: >> Routeros >> 6.43.13 Security Vulnerabilities
Mikrotik RouterOS before 6.44.5 (long-term release tree) is vulnerable to memory exhaustion. By sending a crafted HTTP request, an authenticated remote attacker can crash the HTTP server and in some circumstances reboot the system. Malicious code cannot be injected.
CVSS Score
6.5
EPSS Score
0.009
Published
2019-07-26
Mikrotik RouterOS before 6.44.5 (long-term release tree) is vulnerable to stack exhaustion. By sending a crafted HTTP request, an authenticated remote attacker can crash the HTTP server via recursive parsing of JSON. Malicious code cannot be injected.
CVSS Score
6.5
EPSS Score
0.01
Published
2019-07-26
A vulnerability in the FTP daemon on MikroTik routers through 6.44.3 could allow remote attackers to exhaust all available memory, causing the device to reboot because of uncontrolled resource management.
CVSS Score
7.5
EPSS Score
0.009
Published
2019-07-03
Page 4