![]() An authenticated remote attacker can cause a Denial of Service due to overloading the systems CPU. ![]() Mikrotik RouterOs before stable 6.47 suffers from an uncontrolled resource consumption in the sshd process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference). Mikrotik RouterOs before stable 6.48.2 suffers from a memory corruption vulnerability in the tr069-client process. Mikrotik RouterOs before stable 6.48.2 suffers from a memory corruption vulnerability in the ptp process. An attacker can use this vulnerability to execute arbitrary code on the affected system, as exploited in the wild in mid-2017 and later. A remote and unauthenticated user can trigger the vulnerability by sending a crafted HTTP request. The Mikrotik RouterOS web server allows memory corruption in releases before Stable 6.38.5 and Long-term 6.37.5, aka Chimay-Red. Mikrotik RouterOs before 6.44.6 (long-term tree) suffers from an uncontrolled resource consumption vulnerability in the /nova/bin/cerm process. Mikrotik RouterOs before stable 6.47 suffers from an uncontrolled resource consumption in the memtest process. ![]() Mikrotik RouterOs before 6.47 (stable tree) suffers from an uncontrolled resource consumption vulnerability in the /nova/bin/route process. Mikrotik RouterOs 6.44.5 (long-term tree) suffers from an stack exhaustion vulnerability in the /nova/bin/net process. This vulnerability allows attackers to execute arbitrary code via a crafted packet. Mikrotik RouterOs before stable v7.6 was discovered to contain an out-of-bounds read in the snmp process. This vulnerability allows attackers to execute arbitrary code via a crafted nova message. Mikrotik RouterOs before stable v7.5 was discovered to contain an out-of-bounds read in the hotspot process. An issue in the bridge2 component of MikroTik RouterOS v6.40.5 allows attackers to cause a Denial of Service (DoS) via crafted packets.
0 Comments
Leave a Reply. |