CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2020-20252
https://notcve.org/view.php?id=CVE-2020-20252
Mikrotik RouterOs before stable version 6.47 suffers from a memory corruption vulnerability in the /nova/bin/lcdstat process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference). Mikrotik RouterOs versiones anteriores a estable 6.47, sufre de una vulnerabilidad de corrupción de memoria en el proceso /nova/bin/lcdstat. Un atacante remoto autenticado puede causar una denegación de servicio (desreferencia del puntero NULL) • https://github.com/cq674350529/pocs_slides/blob/master/advisory/MikroTik/CVE-2020-20252/README.md • CWE-476: NULL Pointer Dereference CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2020-20250
https://notcve.org/view.php?id=CVE-2020-20250
Mikrotik RouterOs before stable version 6.47 suffers from a memory corruption vulnerability in the /nova/bin/lcdstat process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference). NOTE: this is different from CVE-2020-20253 and CVE-2020-20254. All four vulnerabilities in the /nova/bin/lcdstat process are discussed in the CVE-2020-20250 github.com/cq674350529 reference. Mikrotik RouterOs versiones anteriores a estable 6.47, sufre una vulnerabilidad de corrupción de memoria en el proceso /nova/bin/lcdstat. • https://github.com/cq674350529/pocs_slides/blob/master/advisory/MikroTik/CVE-2020-20250/README.md https://mikrotik.com • CWE-476: NULL Pointer Dereference CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-20217
https://notcve.org/view.php?id=CVE-2020-20217
Mikrotik RouterOs before 6.47 (stable tree) suffers from an uncontrolled resource consumption vulnerability in the /nova/bin/route process. An authenticated remote attacker can cause a Denial of Service due to overloading the systems CPU. Mikrotik RouterOs versiones anteriores a 6.47 (stable tree) sufre una vulnerabilidad de consumo de recursos no controlado en el proceso /nova/bin/route. Un atacante remoto autenticado puede causar una Denegación de Servicio debido a una sobrecarga de la CPU del sistema • https://cwe.mitre.org/data/definitions/400.html https://github.com/cq674350529/pocs_slides/blob/master/advisory/MikroTik/CVE-2020-20217/README.md https://mikrotik.com • CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 2CVE-2021-36614
https://notcve.org/view.php?id=CVE-2021-36614
Mikrotik RouterOs before stable 6.48.2 suffers from a memory corruption vulnerability in the tr069-client process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference). Mikrotik RouterOs versiones anteriores a stable 6.48.2, sufre una vulnerabilidad de corrupción de memoria en el proceso tr069-client. Un atacante remoto autenticado puede causar una Denegación de Servicio (desreferencia de puntero NULL) • http://seclists.org/fulldisclosure/2022/Jun/2 https://seclists.org/fulldisclosure/2021/Jul/0 • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 2CVE-2021-36613
https://notcve.org/view.php?id=CVE-2021-36613
Mikrotik RouterOs before stable 6.48.2 suffers from a memory corruption vulnerability in the ptp process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference). Mikrotik RouterOs versiones anteriores a stable 6.48.2, sufre una vulnerabilidad de corrupción de memoria en el proceso ptp. Un atacante remoto autenticado puede causar una Denegación de Servicio (desreferencia de puntero NULL) • http://seclists.org/fulldisclosure/2022/Jun/2 https://seclists.org/fulldisclosure/2021/Jul/0 • CWE-476: NULL Pointer Dereference •