CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2018-1156

HIGH
8.8
CVSS Severity Score
EPSS Score0.1030%
EPSS Percentile18.42th
Published2018年8月23日
Last Modified2024年11月21日

Vulnerability Description

Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to stack buffer overflow through the license upgrade interface. This vulnerability could theoretically allow a remote authenticated attacker execute arbitrary code on the system.

Affected Platforms (CPE)

💻
Mikrotik

Routeros

< 6.40.9
💻
Mikrotik

Routeros

< 6.42.7

References & Advisories

🔗 https://mikrotik.com/download/changelogs
🔗 https://mikrotik.com/download/changelogs/bugfix-release-tree
🔗 https://www.tenable.com/security/research/tra-2018-21
🔗 https://mikrotik.com/download/changelogs
🔗 https://mikrotik.com/download/changelogs/bugfix-release-tree
🔗 https://www.tenable.com/security/research/tra-2018-21

相關漏洞威脅

CVE-2017-201499.8

The Mikrotik RouterOS web server allows memory corruption in releases before Stable 6.38.5 and Long-term 6.37.5, aka Chimay-Red. A...

CVE-2018-74459.8

A buffer overflow was found in the MikroTik RouterOS SMB service when processing NetBIOS session request messages. Remote attacker...

CVE-2018-148479.1

MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers ...

CVE-2019-39768.8

RouterOS 6.45.6 Stable, RouterOS 6.44.5 Long-term, and below are vulnerable to an arbitrary directory creation vulnerability via t...