Mikrotik: >> Routeros >> 6.49.18 Security Vulnerabilities
Mikrotik RouterOs before stable v7.6 was discovered to contain an out-of-bounds read in the snmp process. This vulnerability allows attackers to execute arbitrary code via a crafted packet.
CVSS Score
9.8
EPSS Score
0.013
Published
2022-12-05
Mikrotik RouterOs before stable v7.5 was discovered to contain an out-of-bounds read in the hotspot process. This vulnerability allows attackers to execute arbitrary code via a crafted nova message.
CVSS Score
8.8
EPSS Score
0.047
Published
2022-12-05
In MikroTik RouterOS through 2021-01-04, the hotspot login page is vulnerable to reflected XSS via the target parameter.
CVSS Score
6.1
EPSS Score
0.006
Published
2021-01-04
An issue was discovered in Mikrotik RouterOS. Crafting a packet that has a size of 1 byte and sending it to an IPv6 address of a RouterOS box with IP Protocol 97 will cause RouterOS to reboot imminently. All versions of RouterOS that supports EoIPv6 are vulnerable to this attack.
CVSS Score
7.5
EPSS Score
0.155
Published
2020-03-02