CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 1CVE-2018-1158
https://notcve.org/view.php?id=CVE-2018-1158
Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to a stack exhaustion vulnerability. An authenticated remote attacker can crash the HTTP server via recursive parsing of JSON. Mikrotik RouterOS en versiones anteriores a la 6.42.7 y 6.40.9 es vulnerable a una vulnerabilidad de agotamiento de pila. Un atacante remoto autenticado puede provocar el cierre inesperado del servidor HTTP mediante el análisis recursivo de JSON. • http://seclists.org/fulldisclosure/2019/Jul/20 https://mikrotik.com/download/changelogs https://mikrotik.com/download/changelogs/bugfix-release-tree https://www.tenable.com/security/research/tra-2018-21 • CWE-674: Uncontrolled Recursion •
CVSS: 9.0EPSS: 2%CPEs: 2EXPL: 1CVE-2018-1156
https://notcve.org/view.php?id=CVE-2018-1156
Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to stack buffer overflow through the license upgrade interface. This vulnerability could theoretically allow a remote authenticated attacker execute arbitrary code on the system. Mikrotik RouterOS en versiones anteriores a la 6.42.7 y 6.40.9 es vulnerable a un desbordamiento de búfer basado en pila a través de la interfaz de actualización de la licencia. Esta vulnerabilidad podría permitir, en teoría, que un atacante autenticado remoto ejecute código arbitrario en el sistema. • https://mikrotik.com/download/changelogs https://mikrotik.com/download/changelogs/bugfix-release-tree https://www.tenable.com/security/research/tra-2018-21 • CWE-787: Out-of-bounds Write •
CVSS: 9.1EPSS: 97%CPEs: 1EXPL: 11CVE-2018-14847 – MikroTik Router OS Directory Traversal Vulnerability
https://notcve.org/view.php?id=CVE-2018-14847
MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers to write arbitrary files due to a directory traversal vulnerability in the WinBox interface. MikroTik RouterOS hasta la versión 6.42 permite que atacante remoto no autenticado lean archivos arbitrarios y que los atacantes autenticados remotos escriban en archivos arbitrarios debido a una vulnerabilidad de salto de directorio en la interfaz WinBox. Mikrotik RouterOS versions 6.x suffer from a remote root code execution vulnerability. • https://www.exploit-db.com/exploits/45578 https://github.com/jas502n/CVE-2018-14847 https://github.com/yukar1z0e/CVE-2018-14847 https://github.com/babyshen/routeros-CVE-2018-14847-bytheway https://github.com/K3ysTr0K3R/CVE-2018-14847-EXPLOIT https://github.com/BasuCert/WinboxPoC https://github.com/BigNerd95/WinboxExploit https://github.com/tenable/routeros/blob/master/bug_hunting_in_routeros_derbycon_2018.pdf https://github.com/tenable/routeros/tree/master/poc/bytheway https://githu • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 10.0EPSS: 82%CPEs: 14EXPL: 3CVE-2018-7445 – MikroTik RouterOS Stack-Based Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2018-7445
A buffer overflow was found in the MikroTik RouterOS SMB service when processing NetBIOS session request messages. Remote attackers with access to the service can exploit this vulnerability and gain code execution on the system. The overflow occurs before authentication takes place, so it is possible for an unauthenticated remote attacker to exploit it. All architectures and all devices running RouterOS before versions 6.41.3/6.42rc27 are vulnerable. Se ha encontrado un desbordamiento de búfer en el servicio MikroTik RouterOS SMB al procesar mensajes de petición de sesión NetBIOS. • https://www.exploit-db.com/exploits/44290 http://seclists.org/fulldisclosure/2018/Mar/38 http://www.securityfocus.com/bid/103427 https://www.coresecurity.com/advisories/mikrotik-routeros-smb-buffer-overflow • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.4EPSS: 24%CPEs: 1EXPL: 3CVE-2012-6050 – Mikrotik Router - Denial of Service
https://notcve.org/view.php?id=CVE-2012-6050
The winbox service in MikroTik RouterOS 5.15 and earlier allows remote attackers to cause a denial of service (CPU consumption), read the router version, and possibly have other impacts via a request to download the router's DLLs or plugins, as demonstrated by roteros.dll. El servicio winbox en MikroTik RouterOS v5.15 y anteriores, permite a atacantes remotos provocar una denegación de servicio (consumo de CPU), leer la versión de router y posiblemente tener otros impactos a través de la petición de descarga de complementos o DLL del router, como se demostró con roteros.dll. • https://www.exploit-db.com/exploits/18817 http://www.133tsec.com/2012/04/30/0day-ddos-mikrotik-server-side-ddos-attack http://www.exploit-db.com/exploits/18817 https://exchange.xforce.ibmcloud.com/vulnerabilities/75327 • CWE-16: Configuration •