Vulnerability CVE-2018-1157


Published: 2018-08-23

Description:
Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to a memory exhaustion vulnerability. An authenticated remote attacker can crash the HTTP server and in some circumstances reboot the system via a crafted HTTP POST request.

Type:

CWE-400

(Uncontrolled Resource Consumption ('Resource Exhaustion'))

Vendor: Mikrotik
Product: Routeros 
Version:
6.9
6.7
6.6
6.5
6.42.6
6.42.5
6.42.4
6.42.3
6.42.2
6.42.1
6.42
6.41.4
6.41.3
6.41.2
6.41.1
6.41
6.40.9
6.40.8
6.40.7
6.40.6
6.40.5
6.40.4
6.40.3
6.40.2
6.40.1
6.40
6.39.3
6.39.2
6.39.1
6.39
6.38.7
6.38.5
6.38.4
6.38.3
6.38.2
6.38.1
6.38
6.37.5
6.37.4
6.37.3
6.37.2
6.37.1
6.37
6.36.4
6.36.3
6.36.2
6.36.1
6.36
6.35.4
6.35.2
6.35.1
6.35
6.34.6
6.34.5
6.34.4
6.34.3
6.34.2
6.34.1
6.34
6.33.6
6.33.5
6.33.3
6.33.2
6.33.1
6.33
6.32.4
6.32.3
6.32.2
6.32.1
6.30.4
6.30.2
6.30.1
6.30
6.29.1
6.29
6.28
6.27
6.26
6.25
6.24
6.23
6.22
6.21.1
6.20
6.19
6.18
6.17
6.16
6.15
6.14
6.13
6.12
6.11
6.10
6.0
5.9
See more versions on NVD

CVSS2 => (AV:N/AC:L/Au:S/C:N/I:N/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
6.8/10
6.9/10
8/10
Exploit range
Attack complexity
Authentication
Remote
Low
Single time
Confidentiality impact
Integrity impact
Availability impact
None
None
Complete

 References:
https://mikrotik.com/download/changelogs
https://mikrotik.com/download/changelogs/bugfix-release-tree
https://www.tenable.com/security/research/tra-2018-21

Related CVE
CVE-2019-3943
MikroTik RouterOS versions Stable 6.43.12 and below, Long-term 6.42.12 and below, and Testing 6.44beta75 and below are vulnerable to an authenticated, remote directory traversal via the HTTP or Winbox interfaces. An authenticated, remote attack can u...
CVE-2019-3924
MikroTik RouterOS before 6.43.12 (stable) and 6.42.12 (long-term) is vulnerable to an intermediary vulnerability. The software will execute user defined network requests to both WAN and LAN clients. A remote unauthenticated attacker can use this vuln...
CVE-2018-1159
Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to a memory corruption vulnerability. An authenticated remote attacker can crash the HTTP server by rapidly authenticating and disconnecting.
CVE-2018-1158
Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to a stack exhaustion vulnerability. An authenticated remote attacker can crash the HTTP server via recursive parsing of JSON.
CVE-2018-1156
Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to stack buffer overflow through the license upgrade interface. This vulnerability could theoretically allow a remote authenticated attacker execute arbitrary code on the system.
CVE-2018-14847
MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers to write arbitrary files due to a directory traversal vulnerability in the WinBox interface.
CVE-2018-10070
A vulnerability in MikroTik Version 6.41.4 could allow an unauthenticated remote attacker to exhaust all available CPU and all available RAM by sending a crafted FTP request on port 21 that begins with many '\0' characters, preventing the affected ro...
CVE-2018-10066
An issue was discovered in MikroTik RouterOS 6.41.4. Missing OpenVPN server certificate verification allows a remote unauthenticated attacker capable of intercepting client traffic to act as a malicious OpenVPN server. This may allow the attacker to ...

Copyright 2019, cxsecurity.com

 

Back to Top