Filtered by vendor Mikrotik
Subscribe
Total
85 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-6444 | 1 Mikrotik | 2 Router Hap Lite, Routeros | 2023-12-10 | 7.8 HIGH | 7.5 HIGH |
The MikroTik Router hAP Lite 6.25 has no protection mechanism for unsolicited TCP ACK packets in the case of a fast network connection, which allows remote attackers to cause a denial of service (CPU consumption) by sending many ACK packets. After the attacker stops the exploit, the CPU usage is 100% and the router requires a reboot for normal operation. | |||||
CVE-2015-2350 | 1 Mikrotik | 1 Routeros | 2023-12-10 | 6.8 MEDIUM | N/A |
Cross-site request forgery (CSRF) vulnerability in MikroTik RouterOS 5.0 and earlier allows remote attackers to hijack the authentication of administrators for requests that change the administrator password via a request in the status page to /cfg. | |||||
CVE-2012-6050 | 1 Mikrotik | 1 Routeros | 2023-12-10 | 6.4 MEDIUM | N/A |
The winbox service in MikroTik RouterOS 5.15 and earlier allows remote attackers to cause a denial of service (CPU consumption), read the router version, and possibly have other impacts via a request to download the router's DLLs or plugins, as demonstrated by roteros.dll. | |||||
CVE-2008-6976 | 1 Mikrotik | 1 Routeros | 2023-12-10 | 6.4 MEDIUM | N/A |
MikroTik RouterOS 3.x through 3.13 and 2.x through 2.9.51 allows remote attackers to modify Network Management System (NMS) settings via a crafted SNMP set request. | |||||
CVE-2008-0680 | 1 Microtik | 1 Routeros | 2023-12-10 | 7.8 HIGH | N/A |
SNMPd in MikroTik RouterOS 3.2 and earlier allows remote attackers to cause a denial of service (daemon crash) via a crafted SNMP SET request. |