Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Routeros
(Mikrotik)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 77 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-07-19 | CVE-2020-20248 | Mikrotik RouterOs before stable 6.47 suffers from an uncontrolled resource consumption in the memtest process. An authenticated remote attacker can cause a Denial of Service due to overloading the systems CPU. | Routeros | 6.5 | ||
| 2021-07-19 | CVE-2020-20249 | Mikrotik RouterOs before stable 6.47 suffers from a memory corruption vulnerability in the resolver process. By sending a crafted packet, an authenticated remote attacker can cause a Denial of Service. | Routeros | 6.5 | ||
| 2021-07-21 | CVE-2020-20219 | Mikrotik RouterOs 6.44.6 (long-term tree) suffers from a memory corruption vulnerability in the /nova/bin/igmp-proxy process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference). | Routeros | 6.5 | ||
| 2021-07-21 | CVE-2020-20221 | Mikrotik RouterOs before 6.44.6 (long-term tree) suffers from an uncontrolled resource consumption vulnerability in the /nova/bin/cerm process. An authenticated remote attacker can cause a Denial of Service due to overloading the systems CPU. | Routeros | 6.5 | ||
| 2021-07-21 | CVE-2020-20262 | Mikrotik RouterOs before 6.47 (stable tree) suffers from an assertion failure vulnerability in the /ram/pckg/security/nova/bin/ipsec process. An authenticated remote attacker can cause a Denial of Service due to an assertion failure via a crafted packet. | Routeros | 6.5 | ||
| 2022-02-28 | CVE-2020-22844 | A buffer overflow in Mikrotik RouterOS 6.47 allows unauthenticated attackers to cause a denial of service (DOS) via crafted SMB requests. | Routeros | 7.5 | ||
| 2022-02-28 | CVE-2020-22845 | A buffer overflow in Mikrotik RouterOS 6.47 allows unauthenticated attackers to cause a denial of service (DOS) via crafted FTP requests. | Routeros | 7.5 | ||
| 2022-03-16 | CVE-2021-41987 | In the SCEP Server of RouterOS in certain Mikrotik products, an attacker can trigger a heap-based buffer overflow that leads to remote code execution. The attacker must know the scep_server_name value. This affects RouterOS 6.46.8, 6.47.9, and 6.47.10. | Routeros | 8.1 | ||
| 2022-05-11 | CVE-2021-36613 | Mikrotik RouterOs before stable 6.48.2 suffers from a memory corruption vulnerability in the ptp process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference). | Routeros | 6.5 | ||
| 2022-05-11 | CVE-2021-36614 | Mikrotik RouterOs before stable 6.48.2 suffers from a memory corruption vulnerability in the tr069-client process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference). | Routeros | 6.5 |