CVE: Common Vulnerabilities and Exposures

Required CVE Record Information

Description

Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to a memory exhaustion vulnerability. An authenticated remote attacker can crash the HTTP server and in some circumstances reboot the system via a crafted HTTP POST request.

Product Status

Learn more

Information not provided

References 4 Total

https://www.tenable.com/security/research/tra-2018-21
external site
https://mikrotik.com/download/changelogs
external site
https://mikrotik.com/download/changelogs/bugfix-release-tree
external site
seclists.org: 20190723 Two vulnerabilities found in MikroTik's RouterOS
external site
mailing-list

Updated: 2024-08-05

This container includes required additional information provided by the CVE Program for this vulnerability.

References 4 Total

https://www.tenable.com/security/research/tra-2018-21
external site
x_transferred
https://mikrotik.com/download/changelogs
external site
x_transferred
https://mikrotik.com/download/changelogs/bugfix-release-tree
external site
x_transferred
seclists.org: 20190723 Two vulnerabilities found in MikroTik's RouterOS
external site
mailing-listx_transferred

Common vulnerabilities and Exposures (CVE)

Required CVE Record Information

CNA: Tenable Network Security, Inc.

Description

Product Status

References 4 Total

CVE Program

References 4 Total