Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Routeros
(Mikrotik)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 77 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-07-13 | CVE-2020-20250 | Mikrotik RouterOs before stable version 6.47 suffers from a memory corruption vulnerability in the /nova/bin/lcdstat process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference). NOTE: this is different from CVE-2020-20253 and CVE-2020-20254. All four vulnerabilities in the /nova/bin/lcdstat process are discussed in the CVE-2020-20250 github.com/cq674350529 reference. | Routeros | 6.5 | ||
| 2021-07-13 | CVE-2020-20252 | Mikrotik RouterOs before stable version 6.47 suffers from a memory corruption vulnerability in the /nova/bin/lcdstat process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference). | Routeros | 6.5 | ||
| 2021-07-14 | CVE-2020-20231 | Mikrotik RouterOs through stable version 6.48.3 suffers from a memory corruption vulnerability in the /nova/bin/detnet process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference). | Routeros | 6.5 | ||
| 2021-07-19 | CVE-2020-20230 | Mikrotik RouterOs before stable 6.47 suffers from an uncontrolled resource consumption in the sshd process. An authenticated remote attacker can cause a Denial of Service due to overloading the systems CPU. | Routeros | 6.5 | ||
| 2021-07-19 | CVE-2020-20248 | Mikrotik RouterOs before stable 6.47 suffers from an uncontrolled resource consumption in the memtest process. An authenticated remote attacker can cause a Denial of Service due to overloading the systems CPU. | Routeros | 6.5 | ||
| 2021-07-19 | CVE-2020-20249 | Mikrotik RouterOs before stable 6.47 suffers from a memory corruption vulnerability in the resolver process. By sending a crafted packet, an authenticated remote attacker can cause a Denial of Service. | Routeros | 6.5 | ||
| 2021-07-21 | CVE-2020-20219 | Mikrotik RouterOs 6.44.6 (long-term tree) suffers from a memory corruption vulnerability in the /nova/bin/igmp-proxy process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference). | Routeros | 6.5 | ||
| 2021-07-21 | CVE-2020-20221 | Mikrotik RouterOs before 6.44.6 (long-term tree) suffers from an uncontrolled resource consumption vulnerability in the /nova/bin/cerm process. An authenticated remote attacker can cause a Denial of Service due to overloading the systems CPU. | Routeros | 6.5 | ||
| 2021-07-21 | CVE-2020-20262 | Mikrotik RouterOs before 6.47 (stable tree) suffers from an assertion failure vulnerability in the /ram/pckg/security/nova/bin/ipsec process. An authenticated remote attacker can cause a Denial of Service due to an assertion failure via a crafted packet. | Routeros | 6.5 | ||
| 2022-02-28 | CVE-2020-22844 | A buffer overflow in Mikrotik RouterOS 6.47 allows unauthenticated attackers to cause a denial of service (DOS) via crafted SMB requests. | Routeros | 7.5 |