CVE-2017-20149

CVSS Severity Score: 9.8 (CRITICAL)
EPSS Score: 0.0970%
EPSS Percentile: 36.11th
Published: Oct 15, 2022
Last Modified: May 14, 2025

Vulnerability Description

The Mikrotik RouterOS web server allows memory corruption in releases before Stable 6.38.5 and Long-term 6.37.5, aka Chimay-Red. A remote and unauthenticated user can trigger the vulnerability by sending a crafted HTTP request. An attacker can use this vulnerability to execute arbitrary code on the affected system, as exploited in the wild in mid-2017 and later.

Affected Platforms (CPE)

Mikrotik Routeros: < 6.37.5
Mikrotik Routeros: >= 6.38 and < 6.38.5
