MikroTik RouterOS suffers from two vulnerabilities. The cerm process suffers from an uncontrolled resource consumption issue. By sending a crafted packet, an authenticated remote user can cause a high cpu load, which may make the device respond slowly or unable to respond. Versions until stable 6.45.7 are affected. The traceroute process suffers from a memory corruption issue. By sending a crafted packet, an authenticated remote user can crash the traceroute process due to invalid memory access. Versions until stable 6.46.4 are affected.
77175816ac4a79fca801187367574009b954279dd3a15515035cbab28819403d