| Max CVSS | 9.0 | Min CVSS | 4.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2019-15055 | 5.5 |
MikroTik RouterOS through 6.44.5 and 6.45.x through 6.45.3 improperly handles the disk name, which allows authenticated users to delete arbitrary files. Attackers can exploit this vulnerability to reset credential storage, which allows them access to
|
06-10-2020 - 12:15 | 26-08-2019 - 21:15 | |
| CVE-2019-13074 | 7.8 |
A vulnerability in the FTP daemon on MikroTik routers through 6.44.3 could allow remote attackers to exhaust all available memory, causing the device to reboot because of uncontrolled resource management.
|
24-08-2020 - 17:37 | 03-07-2019 - 21:15 | |
| CVE-2018-1158 | 4.0 |
Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to a stack exhaustion vulnerability. An authenticated remote attacker can crash the HTTP server via recursive parsing of JSON.
|
24-08-2020 - 17:37 | 23-08-2018 - 19:29 | |
| CVE-2018-1156 | 9.0 |
Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to stack buffer overflow through the license upgrade interface. This vulnerability could theoretically allow a remote authenticated attacker execute arbitrary code on the system.
|
24-08-2020 - 17:37 | 23-08-2018 - 19:29 | |
| CVE-2018-1157 | 6.8 |
Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to a memory exhaustion vulnerability. An authenticated remote attacker can crash the HTTP server and in some circumstances reboot the system via a crafted HTTP POST request.
|
23-07-2019 - 20:15 | 23-08-2018 - 19:29 | |
| CVE-2018-1159 | 4.0 |
Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to a memory corruption vulnerability. An authenticated remote attacker can crash the HTTP server by rapidly authenticating and disconnecting.
|
12-10-2018 - 18:50 | 23-08-2018 - 19:29 |