RouterOS versions 6.40.5 through 6.44 and 6.48.1 through 6.49.10 suffers from a denial of service vulnerability.
9b7bae3bbe0ac19177c74574f4b0842856727f5af1b375f506fcf40ac529539d
MikroTik RouterOS version 6.x suffers from having multiple null pointer dereference vulnerabilities and a reachable assertion failure.
61fb6d95549c6db4fbf408527ea47e6a0fd075a931405f09c2ed3b080657a245
MikroTik's RouterOS suffers from multiple memory corruption vulnerabilities. Various versions are affected.
db5d7fa65930b9710b80f0c424d888eade1e18945b75c10be7be6d7c0cc4bcf5
MikroTik RouterOS version 6.46.5 suffers from an assertion failure and multiple memory corruption vulnerabilities.
a64685676fca951c82952a48568cc23b987ea04f6128ac9fa93f1d10f7bfbe11
MikroTik RouterOS suffers from memory corruption and reachable assertion failure vulnerabilities.
55015f99b97a602f7b921cc66a0bad419e61030ea1560cd3d297e3259fc64e59
MikroTik RouterOS suffers from NULL pointer dereference, memory corruption and division by zero vulnerabilities.
093cf827a466522125a9a60ebaa8035bdab73e9adbf53421b45d078526ed91b9
Mikrotik RouterOS suffers from null pointer dereference and reachable assertion failure vulnerabilities.
2df20ffb503d40f9cb6c783de8944c6f8ddb31e97c0d49da69d0f06ea89a0ad1
MikroTik RouterOS suffers from stack exhaustion, memory corruption, and null pointer vulnerabilities. Various 6.44.x versions are affected.
02ab3540de562be70a067e64bdbfd57ec8076c2736ff3eb6a847230788c021a5
MikroTik RouterOS versions prior to stable 6.47 suffer from multiple null pointer dereference vulnerabilities and one division-by-zero vulnerability.
f62eaf7184c39f0e8b90c063e78e3e3b83c3de4f01b45d8555571c1e7818d1df
MikroTik RouterOS suffers from two vulnerabilities. The cerm process suffers from an uncontrolled resource consumption issue. By sending a crafted packet, an authenticated remote user can cause a high cpu load, which may make the device respond slowly or unable to respond. Versions until stable 6.45.7 are affected. The traceroute process suffers from a memory corruption issue. By sending a crafted packet, an authenticated remote user can crash the traceroute process due to invalid memory access. Versions until stable 6.46.4 are affected.
77175816ac4a79fca801187367574009b954279dd3a15515035cbab28819403d
MikroTik RouterOS versions prior to 6.44.6 suffer from memory corruption and assertion failure vulnerabilities.
b9e283a6208f56a952f99e2174e47221c663e9cd7c8f17571ff9c7c8eeb5c785
MikroTik RouterOS version 6.45.6 DNS cache poisoning exploit.
a383237105abf2d8cd196092df38ab74a7bb21e90a231ec004bccdee62539d22
Mikrotik RouterOS versions prior to 6.44.5 and 6.45.1 suffer from stack and resource exhaustion vulnerabilities.
d3abfc481e4ff650ba817b959c8db1aeed9b4e0a9043efaf38c59c7dd9c780de
MikroTik RouterOS versions prior to 6.43.12 (stable) and 6.42.12 (long-term) firewall and NAT bypass exploit.
76d8b41f9f478dd81cf50cfdd51f6592ff6a23a044fbd5ad0d719cc3c7cef3ac
An exploitable arbitrary file creation weakness has been identified in Mikrotik RouterOS that can be leveraged by a malicious attacker to exploit all known versions of Mikrotik RouterOS. The RouterOS contains a telnet client based on GNU inetutils with modifications to remove shell subsystem. However an attacker can leverage the "set tracefile" option to write an arbitrary file into any "rw" area of the filesystem, escaping the restricted shell to gain access to a "ash" busybox shell on some versions. The file is created with root privileges regardless of the RouterOS defined group.
a939b73387c51054bd5c4c1fabbeade0aabd8445df951b5f0caf507ff0713454
Mikrotik RouterOS versions 6.x suffer from a remote root code execution vulnerability.
3f8c52b062ca67ece824e00c875d47df8ead0831abf8803a9a4a87310336aa60
A buffer overflow was found in the MikroTik RouterOS SMB service when processing NetBIOS session request messages. Remote attackers with access to the service can exploit this vulnerability and gain code execution on the system. The overflow occurs before authentication takes place, so it is possible for an unauthenticated remote attacker to exploit it.
f596977ec0c838a1e24c8e7b3ba40756d8c45733524c4820e426799d27f008d3
MikroTik RouterOS versions prior to 6.38.4 (MIPSBE) Chimay Red stack clash remote code execution exploit.
4887cd3697d5055f700b1e47d24181ad41552d949b52b2f0b254372f1a8c00ac
MikroTik RouterOS versions prior to 6.38.4 (x86) Chimay Red stack clash remote code execution exploit.
3d0f66446eb344c4829bbe2a36b06b9c2daee5d39d92b2e8dbb1e8547ceba83e
Mikrotik RouterOS version 6.28 suffers from a cookie HTTP request header buffer overflow vulnerability.
f9094809ee7a54b5ba82c3ce861b12c63658ce45783de7698e9d5d83a472dee0
Mikrotik RouterOS version 6.39.2 suffers from a FTP CWD command buffer overflow vulnerability.
a924ceacde68a55f9ad645ab470c04cb0e869ec8522c44c9e1b6c8e517add61e
Mikrotik RouterOS version 6.28 suffers from an FTP related buffer overflow vulnerability.
79f5a359c7974ddc06477e70b9a5972e81e458a98d7cb6f7f735c690f781c8ce
MikroTik RouterOS version 6.36.2 suffers from a cross site scripting vulnerability.
574ec10eda68efe29907bd928181fa09546feacfc51f2df9f2838424e1afe544
The encryption scheme used by Mikrotik's Webfig terminal software as seen on the RB750GL running RouterOS version 6.18 is susceptible to offline brute force attacks that allow a third party to recover login credentials (username and password) as well as full decryption of the terminal session. Full write up and proof of concept tools are included in this archive.
d0d1affb518b37657fed9af631a57aa3813a11d020ea75cb33748ab31aba0ae0
MikroTik RouterOS versions prior to 5.0 suffer from a cross site request forgery vulnerabilities.
1b613fb5842b63ea229283b04b9a81dec10cf4d33e113fba40f802a5383c8609
Mikrotik RouterOS versions 5.x and 6.x suffer from an sshd remote pre-authentication heap corruption vulnerability. Included is a 50 meg Mikrotik package that includes all research items.
74610d5d75efcfb4a984b83085a1bd9e64779bd5d156fb3a81b92d7bb3439349