what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 28 RSS Feed

Files

RouterOS 6.44 / 6.49.10 Denial Of Service
Posted Mar 28, 2024
Authored by Solstice Cyber Solutions, ice-wzl

RouterOS versions 6.40.5 through 6.44 and 6.48.1 through 6.49.10 suffers from a denial of service vulnerability.

tags | exploit, denial of service
advisories | CVE-2024-27686
SHA-256 | 9b7bae3bbe0ac19177c74574f4b0842856727f5af1b375f506fcf40ac529539d

Related Files

MikroTik RouterOS 6.x Reachable Assertion Failure / Null Pointer Dereference
Posted Jul 7, 2021
Authored by Qian Chen

MikroTik RouterOS version 6.x suffers from having multiple null pointer dereference vulnerabilities and a reachable assertion failure.

tags | advisory, vulnerability
advisories | CVE-2021-36613, CVE-2021-36614
SHA-256 | 61fb6d95549c6db4fbf408527ea47e6a0fd075a931405f09c2ed3b080657a245
MikroTik RouterOS Memory Corruption
Posted May 11, 2021
Authored by Qian Chen

MikroTik's RouterOS suffers from multiple memory corruption vulnerabilities. Various versions are affected.

tags | advisory, vulnerability
advisories | CVE-2020-20220, CVE-2020-20227, CVE-2020-20245, CVE-2020-20246
SHA-256 | db5d7fa65930b9710b80f0c424d888eade1e18945b75c10be7be6d7c0cc4bcf5
Mikrotik RouterOS 6.46.5 Memory Corruption / Assertion Failure
Posted May 10, 2021
Authored by Qian Chen

MikroTik RouterOS version 6.46.5 suffers from an assertion failure and multiple memory corruption vulnerabilities.

tags | advisory, vulnerability
advisories | CVE-2020-20214, CVE-2020-20222, CVE-2020-20236, CVE-2020-20237
SHA-256 | a64685676fca951c82952a48568cc23b987ea04f6128ac9fa93f1d10f7bfbe11
MikroTik RouterOS Memory Corruption / Reachable Assertion Failure
Posted Sep 11, 2020
Authored by Qian Chen

MikroTik RouterOS suffers from memory corruption and reachable assertion failure vulnerabilities.

tags | advisory, vulnerability
SHA-256 | 55015f99b97a602f7b921cc66a0bad419e61030ea1560cd3d297e3259fc64e59
MikroTik RouterOS Memory Corruption / NULL Pointer Dereference / Division By Zero
Posted Aug 30, 2020
Authored by Qian Chen

MikroTik RouterOS suffers from NULL pointer dereference, memory corruption and division by zero vulnerabilities.

tags | advisory, vulnerability
SHA-256 | 093cf827a466522125a9a60ebaa8035bdab73e9adbf53421b45d078526ed91b9
Mikrotik RouterOS NULL Pointer Dereference / Reachable Assertion Failure
Posted Aug 14, 2020
Authored by Qian Chen

Mikrotik RouterOS suffers from null pointer dereference and reachable assertion failure vulnerabilities.

tags | advisory, vulnerability
SHA-256 | 2df20ffb503d40f9cb6c783de8944c6f8ddb31e97c0d49da69d0f06ea89a0ad1
MikroTik RouterOS Memory Corruption / NULL Pointer / Stack Exhaustion
Posted Jul 27, 2020
Authored by Qian Chen

MikroTik RouterOS suffers from stack exhaustion, memory corruption, and null pointer vulnerabilities. Various 6.44.x versions are affected.

tags | advisory, vulnerability
SHA-256 | 02ab3540de562be70a067e64bdbfd57ec8076c2736ff3eb6a847230788c021a5
MikroTik RouterOS Null Pointer Dereference / Division-By-Zero
Posted Jul 7, 2020
Authored by Qian Chen

MikroTik RouterOS versions prior to stable 6.47 suffer from multiple null pointer dereference vulnerabilities and one division-by-zero vulnerability.

tags | advisory, vulnerability
SHA-256 | f62eaf7184c39f0e8b90c063e78e3e3b83c3de4f01b45d8555571c1e7818d1df
MikroTik RouterOS Denial Of Service / Memory Corruption
Posted May 12, 2020
Authored by Qian Chen

MikroTik RouterOS suffers from two vulnerabilities. The cerm process suffers from an uncontrolled resource consumption issue. By sending a crafted packet, an authenticated remote user can cause a high cpu load, which may make the device respond slowly or unable to respond. Versions until stable 6.45.7 are affected. The traceroute process suffers from a memory corruption issue. By sending a crafted packet, an authenticated remote user can crash the traceroute process due to invalid memory access. Versions until stable 6.46.4 are affected.

tags | advisory, remote, denial of service, vulnerability
SHA-256 | 77175816ac4a79fca801187367574009b954279dd3a15515035cbab28819403d
MikroTik RouterOS Memory Corruption / Failed Assertion
Posted Jan 7, 2020
Authored by Qian Chen

MikroTik RouterOS versions prior to 6.44.6 suffer from memory corruption and assertion failure vulnerabilities.

tags | advisory, vulnerability
SHA-256 | b9e283a6208f56a952f99e2174e47221c663e9cd7c8f17571ff9c7c8eeb5c785
MikroTik RouterOS 6.45.6 DNS Cache Poisoning
Posted Oct 31, 2019
Authored by Jacob Baines

MikroTik RouterOS version 6.45.6 DNS cache poisoning exploit.

tags | exploit
advisories | CVE-2019-3978
SHA-256 | a383237105abf2d8cd196092df38ab74a7bb21e90a231ec004bccdee62539d22
Mikrotik RouterOS Resource / Stack Exhaustion
Posted Jul 24, 2019
Authored by Qian Chen

Mikrotik RouterOS versions prior to 6.44.5 and 6.45.1 suffer from stack and resource exhaustion vulnerabilities.

tags | advisory, denial of service, vulnerability
advisories | CVE-2019-13954, CVE-2019-13955
SHA-256 | d3abfc481e4ff650ba817b959c8db1aeed9b4e0a9043efaf38c59c7dd9c780de
MikroTik RouterOS Firewall / NAT Bypass
Posted Feb 21, 2019
Authored by Jacob Baines

MikroTik RouterOS versions prior to 6.43.12 (stable) and 6.42.12 (long-term) firewall and NAT bypass exploit.

tags | exploit
advisories | CVE-2019-3924
SHA-256 | 76d8b41f9f478dd81cf50cfdd51f6592ff6a23a044fbd5ad0d719cc3c7cef3ac
Mikrotik RouterOS Telnet Arbitrary Root File Creation
Posted Dec 14, 2018
Authored by Hacker Fantastic

An exploitable arbitrary file creation weakness has been identified in Mikrotik RouterOS that can be leveraged by a malicious attacker to exploit all known versions of Mikrotik RouterOS. The RouterOS contains a telnet client based on GNU inetutils with modifications to remove shell subsystem. However an attacker can leverage the "set tracefile" option to write an arbitrary file into any "rw" area of the filesystem, escaping the restricted shell to gain access to a "ash" busybox shell on some versions. The file is created with root privileges regardless of the RouterOS defined group.

tags | exploit, arbitrary, shell, root
SHA-256 | a939b73387c51054bd5c4c1fabbeade0aabd8445df951b5f0caf507ff0713454
Mikrotik RouterOS Remote Root
Posted Oct 10, 2018
Authored by Jacob Baines

Mikrotik RouterOS versions 6.x suffer from a remote root code execution vulnerability.

tags | exploit, remote, root, code execution
advisories | CVE-2018-14847
SHA-256 | 3f8c52b062ca67ece824e00c875d47df8ead0831abf8803a9a4a87310336aa60
MikroTik RouterOS SMB Buffer Overflow
Posted Mar 15, 2018
Authored by Core Security Technologies, Juan Caillava, Maximiliano Vidal | Site coresecurity.com

A buffer overflow was found in the MikroTik RouterOS SMB service when processing NetBIOS session request messages. Remote attackers with access to the service can exploit this vulnerability and gain code execution on the system. The overflow occurs before authentication takes place, so it is possible for an unauthenticated remote attacker to exploit it.

tags | exploit, remote, overflow, code execution
advisories | CVE-2018-7445
SHA-256 | f596977ec0c838a1e24c8e7b3ba40756d8c45733524c4820e426799d27f008d3
MikroTik RouterOS Chimay Red Stack Clash Remote Code Execution
Posted Mar 13, 2018
Authored by Lorenzo Santina

MikroTik RouterOS versions prior to 6.38.4 (MIPSBE) Chimay Red stack clash remote code execution exploit.

tags | exploit, remote, code execution
SHA-256 | 4887cd3697d5055f700b1e47d24181ad41552d949b52b2f0b254372f1a8c00ac
MikroTik RouterOS Chimay Red Stack Clash Remote Code Execution
Posted Mar 13, 2018
Authored by Lorenzo Santina

MikroTik RouterOS versions prior to 6.38.4 (x86) Chimay Red stack clash remote code execution exploit.

tags | exploit, remote, x86, code execution
SHA-256 | 3d0f66446eb344c4829bbe2a36b06b9c2daee5d39d92b2e8dbb1e8547ceba83e
Mikrotik RouterOS 6.28 Cookie Buffer Overflow
Posted Jun 16, 2017
Authored by sultan albalawi

Mikrotik RouterOS version 6.28 suffers from a cookie HTTP request header buffer overflow vulnerability.

tags | exploit, web, overflow
SHA-256 | f9094809ee7a54b5ba82c3ce861b12c63658ce45783de7698e9d5d83a472dee0
Mikrotik RouterOS 6.39.2 FTP CWD Buffer Overflow
Posted Jun 16, 2017
Authored by sultan albalawi

Mikrotik RouterOS version 6.39.2 suffers from a FTP CWD command buffer overflow vulnerability.

tags | exploit, overflow
SHA-256 | a924ceacde68a55f9ad645ab470c04cb0e869ec8522c44c9e1b6c8e517add61e
Mikrotik RouterOS 6.28 FTP Buffer Overflow
Posted Jun 4, 2017
Authored by sultan albalawi

Mikrotik RouterOS version 6.28 suffers from an FTP related buffer overflow vulnerability.

tags | exploit, overflow
SHA-256 | 79f5a359c7974ddc06477e70b9a5972e81e458a98d7cb6f7f735c690f781c8ce
MikroTik RouterOS 6.36.2 Cross Site Scripting
Posted Nov 11, 2016
Authored by Nassim Asrir

MikroTik RouterOS version 6.36.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 574ec10eda68efe29907bd928181fa09546feacfc51f2df9f2838424e1afe544
Webfig Terminal Offline Brute Force Attack
Posted Sep 27, 2015
Authored by Jonas

The encryption scheme used by Mikrotik's Webfig terminal software as seen on the RB750GL running RouterOS version 6.18 is susceptible to offline brute force attacks that allow a third party to recover login credentials (username and password) as well as full decryption of the terminal session. Full write up and proof of concept tools are included in this archive.

tags | exploit, proof of concept
SHA-256 | d0d1affb518b37657fed9af631a57aa3813a11d020ea75cb33748ab31aba0ae0
MikroTik RouterOS Cross Site Request Forgery
Posted Mar 8, 2015
Authored by Mohamed A. Baset

MikroTik RouterOS versions prior to 5.0 suffer from a cross site request forgery vulnerabilities.

tags | exploit, vulnerability, csrf
SHA-256 | 1b613fb5842b63ea229283b04b9a81dec10cf4d33e113fba40f802a5383c8609
Mikrotik RouterOS 5.x / 6.x SSHd Heap Corruption
Posted Sep 3, 2013
Authored by Kingcope

Mikrotik RouterOS versions 5.x and 6.x suffer from an sshd remote pre-authentication heap corruption vulnerability. Included is a 50 meg Mikrotik package that includes all research items.

tags | exploit, remote
systems | linux
SHA-256 | 74610d5d75efcfb4a984b83085a1bd9e64779bd5d156fb3a81b92d7bb3439349
Page 1 of 2
Back12Next

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    20 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    17 Files
  • 8
    Oct 8th
    66 Files
  • 9
    Oct 9th
    25 Files
  • 10
    Oct 10th
    20 Files
  • 11
    Oct 11th
    21 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close