
MikroTik RouterOS vulnerabilities

85 known vulnerabilities affecting mikrotik/routeros.

Total CVEs: 85
CISA KEV: 2 (actively exploited)
Public exploits: 13
Exploited in wild: 6
Severity breakdown: CRITICAL 5, HIGH 29, MEDIUM 50, LOW 1

Vulnerabilities

Page 2 of 5
CVE-2025-6443 | P3 | HIGH | CVSS 7.2 | fixed in 7.20 | v7.15.3, 7.16.2 | 2025-06-25
CVE-2025-6443 [HIGH] CWE-284: Mikrotik RouterOS VXLAN Source IP Improper Access Control Vulnerability. This vulnerability allows remote attackers to bypass access restrictions on affected installations of Mikrotik RouterOS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of remote IP addresses when processing VXLAN traffic.
Source: nvd
CVE-2022-45313 | P3 | HIGH | CVSS 8.8 | fixed in 7.5 | 2022-12-05
CVE-2022-45313 [HIGH] CWE-125: Mikrotik RouterOs before stable v7.5 was discovered to contain an out-of-bounds read in the hotspot process. This vulnerability allows attackers to execute arbitrary code via a crafted nova message.
Source: nvd
CVE-2023-30800 | P3 | HIGH | CVSS 7.5 | ≥ 6.0, < 6.49.10 | v6.49.9 (+1 more) | 2023-09-07
CVE-2023-30800 [HIGH] CWE-787: The web server used by MikroTik RouterOS version 6 is affected by a heap memory corruption issue. A remote and unauthenticated attacker can corrupt the server's heap memory by sending a crafted HTTP request. As a result, the web interface crashes and is immediately restarted. The issue was fixed in RouterOS 6.49.10 stable. RouterOS version 7 is not aff
Source: nvd
CVE-2020-11881 | P3 | HIGH | CVSS 7.5 | ≥ 6.41.3, ≤ 6.46.5 | v7.0 | 2020-09-14
CVE-2020-11881 [HIGH] CWE-129: An array index error in MikroTik RouterOS 6.41.3 through 6.46.5, and 7.x through 7.0 Beta5, allows an unauthenticated remote attacker to crash the SMB server via modified setup-request packets, aka SUP-12964.
Source: nvd
CVE-2017-8338 | P3 | HIGH | CVSS 7.5 | v6.38.5 | 2017-05-18
CVE-2017-8338 [HIGH] CWE-400: A vulnerability in MikroTik Version 6.38.5 could allow an unauthenticated remote attacker to exhaust all available CPU via a flood of UDP packets on port 500 (used for L2TP over IPsec), preventing the affected router from accepting new connections; all devices will be disconnected from the router and all logs removed automatically.
Source: nvd
CVE-2018-10066 | P3 | HIGH | CVSS 8.1 | v6.41.4 | 2018-04-13
CVE-2018-10066 [HIGH] CWE-295: An issue was discovered in MikroTik RouterOS 6.41.4. Missing OpenVPN server certificate verification allows a remote unauthenticated attacker capable of intercepting client traffic to act as a malicious OpenVPN server. This may allow the attacker to gain access to the client's internal network (for example, at site-to-site tunnels).
Source: nvd
CVE-2026-7668 | P3 | HIGH | CVSS 7.3 | v6.49.8 | 2026-05-02
CVE-2026-7668 [HIGH] CWE-119: A vulnerability was identified in MikroTik RouterOS 6.49.8. This vulnerability affects the function ASN1_STRING_data in the library nova/lib/www/scep.p of the component SCEP Endpoint. The manipulation of the argument transactionID/messageType leads to out-of-bounds read. The attack may be initiated remotely. The exploit is publicly available and might be
Source: nvd
CVE-2025-6563 | P4 | MEDIUM | CVSS 4.8 | PoC | fixed in 7.19.2 | 2025-07-03
CVE-2025-6563 [MEDIUM] CWE-20: A cross-site scripting vulnerability is present in the hotspot of MikroTik's RouterOS on versions below 7.19.2. An attacker can inject the `javascript` protocol in the `dst` parameter. When the victim browses to the malicious URL and logs in, the XSS executes. The POST request used to login, can also be converted to a GET request, allowing an attacker
Source: nvd
CVE-2019-16160 | P3 | HIGH | CVSS 7.5 | fixed in 6.45.5 | 2020-10-07
CVE-2019-16160 [HIGH] CWE-191: An integer underflow in the SMB server of MikroTik RouterOS before 6.45.5 allows remote unauthenticated attackers to crash the service.
Source: nvd
CVE-2020-10364 | P3 | HIGH | CVSS 7.5 | ≤ 6.44.3 | 2020-03-23
CVE-2020-10364 [HIGH] CWE-770: The SSH daemon on MikroTik routers through v6.44.3 could allow remote attackers to generate CPU activity, trigger refusal of new authorized connections, and cause a reboot via connect and write system calls, because of uncontrolled resource management.
Source: nvd
CVE-2019-13074 | P3 | HIGH | CVSS 7.5 | ≤ 6.44.3 | 2019-07-03
CVE-2019-13074 [HIGH] CWE-770: A vulnerability in the FTP daemon on MikroTik routers through 6.44.3 could allow remote attackers to exhaust all available memory, causing the device to reboot because of uncontrolled resource management.
Source: nvd
CVE-2020-22844 | P3 | HIGH | CVSS 7.5 | v6.47 | 2022-02-28
CVE-2020-22844 [HIGH] CWE-401: A buffer overflow in Mikrotik RouterOS 6.47 allows unauthenticated attackers to cause a denial of service (DoS) via crafted SMB requests.
Source: nvd
CVE-2019-15055 | P3 | MEDIUM | CVSS 6.5 | ≤ 6.44.5 | ≥ 6.45, ≤ 6.45.3 | 2019-08-26
CVE-2019-15055 [MEDIUM] CWE-22: MikroTik RouterOS through 6.44.5 and 6.45.x through 6.45.3 improperly handles the disk name, which allows authenticated users to delete arbitrary files. Attackers can exploit this vulnerability to reset credential storage, which allows them access to the management interface as an administrator without authentication.
Source: nvd
CVE-2020-22845 | P3 | HIGH | CVSS 7.5 | v6.47 | 2022-02-28
CVE-2020-22845 [HIGH] CWE-120: A buffer overflow in Mikrotik RouterOS 6.47 allows unauthenticated attackers to cause a denial of service (DoS) via crafted FTP requests.
Source: nvd
CVE-2024-54952 | P3 | HIGH | CVSS 7.5 | v6.40.5 | 2025-05-29
CVE-2024-54952 [HIGH] CWE-476: In MikroTik RouterOS 6.40.5, the SMB service contains a memory corruption vulnerability. Remote, unauthenticated attackers can exploit this issue by sending specially crafted packets, triggering a null pointer dereference. This leads to a remote denial of service (DoS), rendering the SMB service unavailable.
Source: nvd
CVE-2019-3979 | P3 | HIGH | CVSS 7.5 | ≤ 6.44.5 | ≤ 6.45.6 | 2019-10-29
CVE-2019-3979 [HIGH] CWE-345: RouterOS versions 6.45.6 Stable, 6.44.5 Long-term, and below are vulnerable to a DNS unrelated data attack. The router adds all A records to its DNS cache even when the records are unrelated to the domain that was queried. Therefore, a remote attacker controlled DNS server can poison the router's DNS cache via malicious responses with additional and untr
Source: nvd
CVE-2019-13955 | P3 | MEDIUM | CVSS 6.5 | fixed in 6.44.5 | v6.45 | 2019-07-26
CVE-2019-13955 [MEDIUM] CWE-674: Mikrotik RouterOS before 6.44.5 (long-term release tree) is vulnerable to stack exhaustion. By sending a crafted HTTP request, an authenticated remote attacker can crash the HTTP server via recursive parsing of JSON. Malicious code cannot be injected.
Source: nvd
CVE-2025-42611 | P3 | MEDIUM | CVSS 6.5 | ≤ 7.20.x | 2026-05-05
CVE-2025-42611 [MEDIUM] CWE-295: RouterOS provides various services that rely on correct verification of client and server certificates to secure confidentiality and integrity of communications. This includes OpenVPN, CAPsMAN, Dot1x (802.1X), among others. The vulnerability lies in shared certificate validation logic which uses the system certificate store that is shared and equa
Source: nvd
CVE-2019-13954 | P3 | MEDIUM | CVSS 6.5 | fixed in 6.44.5 | v6.45 | 2019-07-26
CVE-2019-13954 [MEDIUM] CWE-770: Mikrotik RouterOS before 6.44.5 (long-term release tree) is vulnerable to memory exhaustion. By sending a crafted HTTP request, an authenticated remote attacker can crash the HTTP server and in some circumstances reboot the system. Malicious code cannot be injected.
Source: nvd
CVE-2018-1157 | P3 | MEDIUM | CVSS 6.5 | fixed in 6.40.9 | fixed in 6.42.7 | 2018-08-23
CVE-2018-1157 [MEDIUM] CWE-400: Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to a memory exhaustion vulnerability. An authenticated remote attacker can crash the HTTP server and in some circumstances reboot the system via a crafted HTTP POST request.
Source: nvd
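Most entries on this page are stated as version ranges ("before 6.45.5", "≥ 6.0, < 6.49.10", "fixed in 6.40.9 / fixed in 6.42.7"), and RouterOS ships several release trees at once, so a practitioner's first question is which of these ranges cover the build a given router runs. The checker below is an added example, not code from cvebase or from MikroTik. It encodes only the ranges the entries above state; where the page gives no lower bound (CVE-2022-45313, CVE-2025-6563) or only a fixed build per tree (CVE-2018-1157), the bound chosen is marked as an assumption in the code. Pre-release suffixes sort below the final build of the same number, so "7.0 Beta5" falls inside the CVE-2020-11881 range and "7.20rc1" sorts before "7.20".

```python
"""Check a RouterOS version string against the affected ranges stated on this page.

Added example, not code from cvebase or MikroTik. The AFFECTED table encodes
only ranges the entries above state; lower bounds the page does not give are
marked as assumptions.
"""
import re
from typing import List, Optional, Tuple

# Pre-release stages sort below the final build of the same number:
# 7.0beta5 < 7.0rc1 < 7.0
_STAGE_RANK = {"beta": 0, "rc": 1}
_FINAL = 2

# (major, minor, patch, stage rank, stage number)
Version = Tuple[int, int, int, int, int]

_VERSION_RE = re.compile(
    r"\s*(\d+)\.(\d+)(?:\.(\d+))?\s*(?:(beta|rc)\s*(\d+)?)?\s*", re.IGNORECASE
)


def parse_version(text: str) -> Version:
    """Parse strings such as '6.49.10', '7.20', '7.20rc1' or '7.0 Beta5'."""
    m = _VERSION_RE.fullmatch(text)
    if not m:
        raise ValueError(f"unrecognised RouterOS version: {text!r}")
    major, minor, patch, stage, stage_no = m.groups()
    rank = _STAGE_RANK[stage.lower()] if stage else _FINAL
    return (int(major), int(minor), int(patch or 0), rank, int(stage_no or 0))


class Range:
    """Interval of versions: lo is inclusive, hi is exclusive unless hi_inclusive.
    None on either side means unbounded."""

    def __init__(self, lo: Optional[str], hi: Optional[str], hi_inclusive: bool = False):
        self.lo = parse_version(lo) if lo else None
        self.hi = parse_version(hi) if hi else None
        self.hi_inclusive = hi_inclusive

    def contains(self, v: Version) -> bool:
        if self.lo is not None and v < self.lo:
            return False
        if self.hi is None:
            return True
        return v <= self.hi if self.hi_inclusive else v < self.hi


# Ranges as the entries above state them. An entry fixed in two release trees
# gets one Range per tree. "7.0beta0" is a sentinel meaning "any 7.0 beta".
AFFECTED: List[Tuple[str, str, List[Range]]] = [
    # "before stable v7.5"; the page gives no lower bound, 7.0 is an assumption
    ("CVE-2022-45313", "hotspot out-of-bounds read", [Range("7.0", "7.5")]),
    ("CVE-2023-30800", "www heap corruption", [Range("6.0", "6.49.10")]),
    ("CVE-2020-11881", "SMB array index DoS",
     [Range("6.41.3", "6.46.5", True), Range("7.0beta0", "7.0beta5", True)]),
    ("CVE-2019-16160", "SMB integer underflow DoS", [Range(None, "6.45.5")]),
    ("CVE-2019-15055", "disk-name arbitrary file delete",
     [Range(None, "6.44.5", True), Range("6.45", "6.45.3", True)]),
    ("CVE-2019-3979", "DNS cache poisoning", [Range(None, "6.45.6", True)]),
    ("CVE-2020-10364", "sshd resource exhaustion", [Range(None, "6.44.3", True)]),
    ("CVE-2019-13074", "ftpd memory exhaustion", [Range(None, "6.44.3", True)]),
    # fixed in 6.40.9 (long-term) and 6.42.7 (stable); the 6.41 split point is an assumption
    ("CVE-2018-1157", "www memory exhaustion", [Range(None, "6.40.9"), Range("6.41", "6.42.7")]),
    # "below 7.19.2"; the page gives no lower bound, 7.0 is an assumption
    ("CVE-2025-6563", "hotspot XSS", [Range("7.0", "7.19.2")]),
]


def affecting(version_text: str) -> List[str]:
    """CVE IDs from AFFECTED whose stated ranges cover the given version string."""
    v = parse_version(version_text)
    return [cve for cve, _, ranges in AFFECTED if any(r.contains(v) for r in ranges)]


if __name__ == "__main__":
    # Sample version strings, constructed here; on a router the value comes
    # from "/system resource print".
    for text in ("6.42.6", "6.49.10", "7.0 Beta5", "7.19.1"):
        hits = affecting(text)
        print(f"{text:>10}: {', '.join(hits) if hits else 'no entry on this page matches'}")
```

Feed it the version string printed by `/system resource print` on the router. A hit means only that the build falls inside a range this page states; several entries above (CVE-2020-22844, CVE-2020-22845, CVE-2024-54952, CVE-2017-8338) name a single tested build with no wider range, so an empty result is not a clean bill of health for those.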